potiuk commented on PR #53907: URL: https://github.com/apache/airflow/pull/53907#issuecomment-3195704882
> A pure GET request that mutates the state runs the risk of some background process (be it the browser itself pre-fetching, or the MUA etc) hitting it and running the endpoint, so I think that is out to my mind. It's also a CSRF issue if GET mutates state. https://security.stackexchange.com/questions/115794/should-i-use-csrf-protection-for-get-requests -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
