loading...

Discussion on: Understanding CORS

Collapse
iamandrewluca profile image
Andrew Luca

Now I get it.
But can the attacker make a simple request, and get a CSRF token,
then make second request with that token included?