-
### Discussed in https://github.com/bcit-ci/CodeIgniter/discussions/6247
Originally posted by **mertdogan** November 14, 2023
Hi. I started a new CI project with CI 3.1.13.
When i refresh p…
-
[`SameSite=strict`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite) effectively prevents Cookie-based CRSF attacks and it also brings the benefit of simplifying our code…
-
A cookie associated with a cross-site resource at https://hcaptcha.com/ was set without the `SameSite` attribute. It has been blocked, as Chrome now only delivers cookies with cross-site requests if t…
-
# 零基礎資安系列(三)-網站安全三本柱(Secure & SameSite & HttpOnly)
# 前言保護 Cookie守衛網站安全的三本柱有不同的職責和能力Secure 表示:我不會讓 Cookie去任何危險的地方!HttpOnly 表示:只要有我在的地方 別想找到 Cookie!SameSite 表示:所有和 Cookie 來源不同的請求都別想成功!
[https://tech-b…
-
### Related issues
I found the issue for Express framework
https://github.com/expressjs/express/issues/3958
and looks it was fixed there.
### [REQUIRED] Version info
node: v10.16.3
*…
-
The [Cookie](https://github.com/tebeka/selenium/blob/1131f5e23a795834923a0577707643f71c1746a1/selenium.go#L205) struct does not accommodate HTTPOnly and SameSite fields, described in the [spec](https:…
-
Look here https://www.chromium.org/updates/same-site
This new attribute is missing in https://github.com/koseven/koseven/blob/master/system/classes/Kohana/Cookie.php
PHP https://www.php.net/manu…
-
Syncthing currently triggers a warning in the Firefox console because `SameSite=None` also requires the `Secure` flag: https://developer.mozilla.org/de/docs/Web/HTTP/Headers/Set-Cookie/SameSite#samesi…
-
This was discussed here:
https://github.com/sandstorm-io/sandstorm/pull/2588#issuecomment-581214201
Per the comment, this would block CSRF attacks from domains outside of the sandstorm box's dom…
-
Since undertow version 2.1.0.Final (feature UNDERTOW-1600), Undertow supports `SameSite=None` attributes in cookies, through the `SameSiteCookieHandler`.
Unfortunately, it seems that quarkus-http has…