>- I pledge to only make GET requests to http://example.com/foo/\* Doesn't solve... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		gwervc on July 1, 2024 \| parent \| context \| favorite \| on: Show HN: I created an After Effects alternative >- I pledge to only make GET requests to http://example.com/foo/* Doesn't solve any trust issue since data can be send as part of the URL, and the backend response can change at will.

Timon3 on July 1, 2024 [–]

That was just an example - it fully solves trust issues if the pledge is "only make GET requests to exactly example.com/favicon.ico or example.com/style.css". This way you can't send any data (as there's no body, and encoded data wouldn't match the URLs).

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact