CookieWeb SecurityOWASP
Secure, HttpOnly, SameSite: The Three Guardians of Your Cookie
·479 words·3 mins
One badly set cookie is enough for an attacker to pretend to be you. Meet the three lines of defense (Secure, HttpOnly, SameSite) and how to turn them on.