DEV Community


Discussion on: Why Facebook's api starts with a for loop

richardtallent_70 profile image
Richard Tallent

No one cares about semantics verbs. Using POST for API endpoints solves an entire class of link-based attacks. We should of course still use CSRF and other mitigations, but the semantic purism argument is a weak one, IMHO.