• What are SameSite cookies?

    Cookies without the SameSite attribute will be submitted to the "owner website" even when requests originate from other websites. Unless that's what you want (for analytics, tracking etc.,) make sur...

  • The dangers of trusting HTTP headers

    HTTP headers can be set by users and they can be very dangerous if you are using their values anywhere in the application logic, or are writing or storing (and eventually writing) their values anywh...