5
rkzo
3y

The whole API service relies on a token obtained by posting to a http URL: http:// blah/get_token?User=malleable?Password=longandcomplicatedpasswordforsecurity
🤔👌👏

Comments
  • 1
    I had a client once who claimed this was the most secure way. He was the senior backend developer for his company.
  • 3
    Password in the FUCKING GET?!
Add Comment