Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

His solution isn't as secure as CSRF protection, but it would cover the basic case easily. All you have to do is pretend logging out isn't idempotent.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: