Y
Hacker News
new
|
ask
|
show
|
jobs
by
wereHamster
1568 days ago
> While it’s possible to create cookie with credentials, this should be avoided due to all the possibilities of CSRF Attacks
This is no longer an issue, if you use SameSite=Strict, Secure, HttpOnly cookies.