Y
Hacker News
new
|
ask
|
show
|
jobs
by
labourcurious
2794 days ago
The author glosses over this but what they mean is that you can set the HttpOnly flag on cookies to prevent them from being accessed via JavaScript.
1 comments
akarambir
2794 days ago
But is it still sent automatically on ajax requests by browsers?
link
SahAssar
2794 days ago
Yes.
link