DEV Community


Discussion on: Why Facebook's api starts with a for loop

michi profile image
Michael Z

While those vectors may not be working today, we never know what new bug tomorrow will bring, and therefore we should still do our best to prevent API's from being exploitable.

Wouldn't CORB prevent JSON hijacking in modern browers?