Look, if you are going to tokenize your forms (and you should because of CSRF), you also need to have some active JS (or whatever) on the page that at least hides the form after the last valid token expires. For those of us who leave websites that we sign into open, we are tired of logging in twice! Citi.com I’m looking at you.
Archive for 20161031-Mon
…because I have both a Logitech Trackball (usb) and an Apple Magic Trackpad (bluetooth)… I could randomly use either one at any time because I am unpredictable like that.
Category: Blog /