Hacker News new | past | comments | ask | show | jobs | submit login

This attack depends on being able to control the requests made; cookies are automatically added to the request, which makes them vulnerable. There aren't many times when you'll have enough control over a portion of the body to make non-cookie attacks viable.



Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: