Enforce outbound cookie policy.

marrow / web.security

Access control list (ACL) authorization, authentication, and cross-site request forgery (CSRF) protection for WebCore applications.

MIT License

4 stars 3 forks source link

Open amcgregor opened 3 years ago

amcgregor commented 3 years ago

Same-site flag. (Prevent access from other domains.)
HTTP-only flag. (Prevent access from JavaScript in-page.)
Secure (HTTPS-only) flag. (Prevent disclosure of cookie contents over insecure channels.)