<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>OWASP on Vivian's Blog</title><link>https://vvnblog.com/en/tags/owasp/</link><description>Recent content in OWASP on Vivian's Blog</description><generator>Hugo -- gohugo.io</generator><language>en</language><copyright>Copyright © 2026 Vivian All Rights Reserved.</copyright><lastBuildDate>Thu, 23 May 2024 00:00:00 +0000</lastBuildDate><atom:link href="https://vvnblog.com/en/tags/owasp/index.xml" rel="self" type="application/rss+xml"/><item><title>Secure, HttpOnly, SameSite: The Three Guardians of Your Cookie</title><link>https://vvnblog.com/en/posts/cookie/</link><pubDate>Thu, 23 May 2024 00:00:00 +0000</pubDate><guid>https://vvnblog.com/en/posts/cookie/</guid><description>One badly set cookie is enough for an attacker to pretend to be you. Meet the three lines of defense (Secure, HttpOnly, SameSite) and how to turn them on.</description></item></channel></rss>