“Exploring the SameSite cookie attribute for preventing CSRF”
In every project where I’ve set the SameSite setting to anything other than “none”, OAuth-style logins have broken in at least one browser. 😑
... works as a web developer in Hveragerði, Iceland, and writes about the web, digital publishing, and web/product development
These are his notes