Hacker News

Don't forget CSRF, and don't do destructive actions via GETs.



Most actions are RESTful, and CSRF is Rails' default.

-----



