I was thinking more about the unsubscribe footer links still very common in emai... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		paulryanrogers 30 days ago \| parent \| context \| favorite \| on: CSRF protection without tokens or hidden form fiel... I was thinking more about the unsubscribe footer links still very common in emails.

eli 29 days ago [–]

I don’t think CSRF has anything to do with those?

paulryanrogers 28 days ago | [–]

The endpoints serving those links can't be protected as well. Unless they serve a form that posts, which may not be legal if it requires extra clicks

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact