top | item 46381703 (no title) tordrt | 2 months ago Yep SameSite lax, and just make sure you never perform any actions using Get requests, which you shouldn’t anyway. discuss order hn newest paulryanrogers|2 months ago Unsubscribe often need to be GET, or at least start as GET eli|2 months ago list-unsubscribe header sends a POST. Probably makes more sense to just use a token from an email anyway. load replies (2)
paulryanrogers|2 months ago Unsubscribe often need to be GET, or at least start as GET eli|2 months ago list-unsubscribe header sends a POST. Probably makes more sense to just use a token from an email anyway. load replies (2)
eli|2 months ago list-unsubscribe header sends a POST. Probably makes more sense to just use a token from an email anyway. load replies (2)
paulryanrogers|2 months ago
eli|2 months ago