SameSite
It’s Okay, We’re All On the SameSite
Cory Sabol | | Best Practices, cookies, CSRF, demo, Penetration Testing, programming, SameSite, web app security, Web Application Security, web penetration testing
With Google’s recent announcement that all cookies without a SameSite flag will be treated as having SameSite=Lax set by default in Chrome version 80, surely Cross-Site Request Forgery will be dead? Well, ...