Y
Hacker News
new
|
ask
|
show
|
jobs
by
socketcluster
178 days ago
Yep, httpOnly cookies just give the hacker a bit of extra work in some situations. TBH I don't even think httpOnly is worth the hassle it creates for platform developers given how little security it adds.