'SameSite' cookie attribute
Same-site cookies ("First-Party-Only" or "First-Party") allow servers to mitigate the risk of CSRF and information leakage attacks by asserting that a particular cookie should only be sent with requests initiated from the same registrable domain.
sharedworker api: `sharedworker()` constructor: `options.samesitecookies` parameter
headers http header: set-cookie: samesite: `samesite=lax`
headers http header: set-cookie: samesite: defaults to `lax`
headers http header: set-cookie: samesite: `samesite=none`
headers http header: set-cookie: samesite: secure attribute required if `samesite=none`
headers http header: set-cookie: samesite: url scheme-aware ("schemeful")
headers http header: set-cookie: samesite: `samesite=strict`
8 results found.