Sunday, 28 August 2016

Should we check CSRF token for read only actions

I have heard many people suggest that CSRF handling is mandatory for actions performing write operations, but that it's optional for actions performing read-only operations?

If yes, please share an example of how an action which only performs read-only operations can be exploited using CSRF.



