alt Hacker NewsI'm curious if having unique URLs per user session would mitigate this.
I think that's already best practice in most API designs anyway?
I'm curious if having unique URLs per user session would mitigate this.
I think that's already best practice in most API designs anyway?
Probably.
No, it isn't. Ive not seen this in an API ever and only in webapps ?phpsessid= back in childhood