Guides to secure cookies — the Secure, HttpOnly and SameSite flags and how to check them.
What the Secure cookie flag does, how it keeps cookies to HTTPS only, how it works with HSTS and the …
What the HttpOnly cookie flag does, how it hides cookies from JavaScript to stop session theft via XSS, and how …
What the SameSite cookie attribute does, the difference between Strict, Lax and None, how it defends against CSRF, and how …
Cookie security explained: the Secure, HttpOnly and SameSite flags that protect session cookies from theft and CSRF, plus how to …
Secably automatically scans for the vulnerabilities covered in these guides.
Start Free Scan