| ▲ | sublinear 12 hours ago | |
I'm curious if having unique URLs per user session would mitigate this. I think that's already best practice in most API designs anyway? | ||
| ▲ | kay_o 9 hours ago | parent [-] | |
Probably. No, it isn't. Ive not seen this in an API ever and only in webapps ?phpsessid= back in childhood | ||