this has nothing to do with CSRF btw. And this is not flaw of FB - this is a cor...

		homakov on Aug 29, 2012 \| parent \| context \| favorite \| on: How To Cheat On Facebook Apps Permissions this has nothing to do with CSRF btw. And this is not flaw of FB - this is a core flaw of OAuth2. Lots of them though: http://homakov.blogspot.com/2012/07/saferweb-most-common-oau... http://homakov.blogspot.com/2012/08/oauth2-one-accesstoken-t...