Prefetching breaks “magic link” password-less login systems unless you take precautions
3 min readJan 8, 2021
I’m a big fan of magic link authentication. It’s that UX pattern in which in order to login to a web application you simply plug your email into a form, and the server mails you a one-time use URL that you click to login. It is similar in function to them getting an email with a one-time-use code in it, returning to your app, and entering the…