| http://www.w3.org/ns/prov#value | - @visionmedia: I agree, nothing is to be trusted, but there is a big difference between how much work an attacker has to do to make someone's browser do a POST vs. a GET request, so at least you should think twice before generically allowing any GET request to rewrite itself to eg.
|
