Closed ljrk0 closed 2 months ago
These changes look solid. Can you please clean up the text a little first?
Hi @jmanico glad to do so! Is there anything specific I should clean up in the text?
SameSite
does more than guard against malicious actors reading cookies. Can you expand on that some? Otherwise I think this is good to go!
I've changed the first sentence as suggested @jmanico and provided more context onto what SameSite
guards against as well as added a link to Session Fixation (the same link is already set at a different part in the same page) to provide additional background.
If you prefer, I can also squash the changes into one of course.
@ljrk0 I changed the status of this PR from draft to ready for review. Looks good for me, very good addition.
Also clarifies what
__Host-
and prefixes in general intends to guard against, what kind of problems implementers may encounter and encourage usage together withSameSite
.[TEXT](URL)
This PR covers issue #1373.