Skip to content

Secure Your Cookies

View on Twitter

💡 Working with cookies? Don't forget to secure them:

👉🏼 HttpOnly — no access from JavaScript (document.cookie API)
👉🏼 Secure — send cookie over HTTPS only
👉🏼 SameSite (Strict/Lax) — send only when current URL matches cookie URL

You might also like
Debug Requests Using a Mirror API Read tip
Using Data Attributes Read tip
Awesome Github Profile READMEs Read tip