Why CSRF token cookies don't need to be httpOnly
July 20, 2024
CSRF token cookies are typically sent without httpOnly set to true. But is that a secure practice?
Posts tagged with "#csrf"
1 post found
1 post found
CSRF token cookies are typically sent without httpOnly set to true. But is that a secure practice?