'SameSite' cookie attribute
Same-site cookies ("First-Party-Only" or "First-Party") allow servers to mitigate the risk of CSRF and information leakage attacks by asserting that a particular cookie should only be sent with requests initiated from the same registrable domain.
headers http header: set-cookie: `samesite`: `samesite=lax`
headers http header: set-cookie: `samesite`: defaults to `lax`
headers http header: set-cookie: `samesite`: `samesite=none`
headers http header: set-cookie: `samesite`: url scheme-aware ("schemeful")
headers http header: set-cookie: `samesite`: secure context required
headers http header: set-cookie: `samesite`: `samesite=strict`
7 results found.