> So now what happens if a clever hacker is embedding this to his website and social engineers a victim to visiting his site.
>
If that happens then CSRFs or JSON is not the highest priority thing to worry about. The hacker controls everything. And no matter what I do, he can find a by pass.
> So now what happens if a clever hacker is embedding this to his website and social engineers a victim to visiting his site. >
If that happens then CSRFs or JSON is not the highest priority thing to worry about. The hacker controls everything. And no matter what I do, he can find a by pass.