Hello, users. I have been thinking about the same thing. Let's imagine that the page has a form which has a select option. By clicking on submit form data is passed to the handler. For example, control.php.
So what's the question. What if the person with the code element change option, which by their nature should not change? In this case, the handler will come the changed data? And how to deal with it?
I might surprise you, but we can all see the url for which you form submited and if you have no CSRF protection, to seismicity any REST client you anything. The moral: always check what you comes to the server.
albin_Bernier answered on March 23rd 20 at 19:09
Check user input on the server side.
What else... It's a classic.