Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Would it be worth blacklisting logout by default?

Maybe blacklist any links with the words logout, delete, etc anywhere inside the a tag or in the attributes?



No, my philosophy is to not do anything that could get into one’s way. And that’s a false sense of security.

If one is worried about preloading links that triggers an action, there is a whitelist mode to enable links as you review them.


Could this be used on every website if it were a browser extension? If it were, I would expect Logout links to be disabled by default.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: