Comment on Slrpnk instance is down till mid July; they might relaunch their server on piefed.
GreenKnight23@lemmy.world 1 day agoyes, but those frontends are typically tied closer to the backend than a public API.
things like CSRF can help block abuse of the back end.
tfm@europe.pub 1 day ago
Nope they all use the public API. Even the default Lemmy web client.
GreenKnight23@lemmy.world 23 hours ago
well that’s poor planning and why bots are such a problem.
I know CSRF tokens aren’t a silver bullet, but doing nothing to stop them does nothing to stop them.
tfm@europe.pub 15 hours ago
CSRF protection is a security feature not bot prevention. A bot would just need to get a token first.