Y
Hacker News
new
|
ask
|
show
|
jobs
by
justinsteven
2258 days ago
I tested with SameSite being Lax and Strict. Neither block the attack in Chrome. My reading of the SameSite spec indicates that it doesn't take cookie path into account.