javascript - Do I need to enable CSRF protection? -

-

if none of post endpoints in api server consume application/x-www-form-urlencoded or multipart/form-data, need concerned csrf? understanding, csrf can executed through form-backed post requests. other kind of request requires use of xmlhttprequest, won't go through because of same origin policy.

sure, can send json forms in modern browsers. applies application/x-www-form-encoded applies equally other form data encoding types.

moreoever - there no guarantee support more types won't added in future there's that.


Comments

Post a Comment

Popular posts from this blog

javascript - Create websocket without connecting -

-
is there way create websocket without connecting right away? far think var ws = new websocket("ws://ws.my.url.com"); creates , connects right away. i'd create socket, define callbacks, , connect once user clicks connect button. thanks no. creating websocket means you've created connection server (or started process of connecting). there no such thing creating websocket isn't connecting yet. you create object store configuration parameters , tell object connect when wanted to, though i'm not sure why that's better creating actual websocket when connect made. or create function setup work , call function later when user clicks connect button.
Read more

how to do line continuation in perl debugger for entering raw multi-line text (EOT)? -

-
i learning perl. trying in debugger define variable, here-document. not know how enter same code in perl script, in debugger. due new lines present inside eot, makes hard in interactive debugger. here small example. have script: >cat ex1.perl #!/usr/bin/perl -w $s =<<'eot'; first line second line eot print $s now run , gives expected output: >perl ex1.perl first line second line now want same in debugger. tried this: >perl -de0 loading db routines perl5db.pl version 1.39_10 db<1> $s =<<'eot';\ cont: first line\ cont: second line\ cont: eot can't find string terminator "eot" anywhere before eof @ (eval 6) [/usr/share/perl/5.18/perl5db.pl:732] line 2. @ (eval 6)[/usr/share/perl/5.18/perl5db.pl:732] line 2. eval 'no strict; ($@, $!, $^e, $,, $/, $\\, $^w) = @db::saved;package main; $^d = $^d | $db::db_stop; $s =<<\'eot\'; first line second line eot; ' called @ /usr/share/perl...
Read more

Android SDK Manager freezes after installation of OSX 10.11 El Capitan public Beta -

-
i've installed public beta of el capitan os x (10.11). the issue i'm having after upgrade installation yosemite android sdk manager. when launch android sdk manager within android studio 1.2.2 checks , parses via network call. after clicking on of individual modules, sdk manager freezes , colourful wheel of death. way force close application. i've tried restarting macbook pro , force quitting , relaunching sdk manager , still issue persists. sdk manager working without issues prior upgrade of 10.11 edit: i've noticed none of emulators work el capitan cpu acceleration status: hax not installed on machine (/dev/hax missing). i've tried using genymotion , doesn't work either. i in trouble same thing, too. workaround fix, use no-ui option: $ android update sdk --no-ui other option available here: http://tools.android.com/recent/updatingsdkfromcommand-line
Read more