Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
mechanicalpulse
on Aug 28, 2018
|
parent
|
context
|
favorite
| on:
Why Static Websites Need HTTPS
Yes.
https://en.m.wikipedia.org/wiki/Cross-origin_resource_sharin...
austincheney
on Aug 28, 2018
[–]
CSRF works the same whether the site is served via HTTP or HTTPS. CSRF attacks the server from the client, so HTTPS doesn't protect from this. HTTPS is an end-to-end encrypted tunnel.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search: