Details
-
Bug
-
Resolution: Won't Fix
-
Major
-
None
-
1.3.2
-
N/A
-
N/A
-
Description
The comment delete link visible by admins has the url in the hred and a js confirmation. This is NOT enough because tools that follow links (like fasterfox) can follow that link when they should not. Links that modify data should never be available. They should be activating a form POST or the JS should set them when the link is clicked