Post 9o13JTO7Ms82ByWo5Y by rain@niu.moe
 (DIR) More posts by rain@niu.moe
 (DIR) Post #9o13JTO7Ms82ByWo5Y by rain@niu.moe
       2019-10-17T12:09:20Z
       
       1 likes, 0 repeats
       
       [OH:wleslie] it was already really easy to avoid CSRF as a vulnerability, even before CORS was a thing: simply make authority-carrying resource names unguessable (make it a crypto-cap)