Closed Notalifeform closed 1 year ago
I want to investigate a bit more into this one before merging. It is recommended to use _Host
prefix on cookies that should be secure.
I want to investigate a bit more into this one before merging. It is recommended to use
_Host
prefix on cookies that should be secure.
sure. Does it actually work on you machine? I get the error above on chrome..
Just tested and I can confirm in chrome I do get the same error. Firefox did not have this issue. Gonna go ahead and merge this, thank you!
CRSF is broken when running on chrome:
__Host cookie only work when using https
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#attributes