GitHub User: makaroni4
Site: http://gistflow.com
-
watch on iTunes
-
follow on Twitter
-
follow on Facebook
-
subscribe to RSS feed
watch on iTunes
follow on Twitter
follow on Facebook
subscribe to RSS feed
Very useful, thanks, Ryan!!!
Real life example of similar auth you can find at http://gistflow.com (open source).
Famous Egor Homyakov hacked us using bug described here:
http://gistflow.com/posts/174
The thing is that if you store auth_token in cookies csrf protection will not work.
Good luck everyone with safe auth :)