> "I threw the code together in minutes and was too lazy to spend another couple... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

joesb on May 1, 2018 | parent | context | favorite | on: You know how HTTP GET requests are meant to be ide...

> "I threw the code together in minutes and was too lazy to spend another couple minutes figuring out POST."

So it's not the vendor's problem then. They provide you with two ways to make a request. You have a choice to do it right, you didn't.

acdha on May 1, 2018 | [–]

The device should not support GET at all for this. It opens up a number of attacks and there’s no good reason to support it.

Kiro on May 1, 2018 | | [–]

Who says it was the vendor's problem?

scrollaway on May 2, 2018 | [–]

What's your point? Nobody said it was the vendor's problem except you.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact