this post was submitted on 12 Dec 2023
246 points (95.9% liked)

Programmer Humor

32442 readers
891 users here now

Post funny things about programming here! (Or just rant about your favourite programming language.)

Rules:

founded 5 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 25 points 11 months ago

Then again, cookie auth is vulnerable to CSRF. Pick your poison.

Although CSRF protection just adds a minor inconvenience, while there is never a guarantee your code is XSS vulnerability free.