Personal Brand :: Social Media :: LinkedIn :: Post :: HTTPS Cookie Security
⪼ Made with 💜 by Polyglot.
- I personally prefer to set cookies as HttpOnly and Secure essentially making them HTTPS-only cookies
- Creating HTTPS Copies Guide (ChatGPT)
- Software Engineering :: Web :: Development :: HTTP :: Header :: Cookie
» HTTPS Cookie Security «
Once a cookie is set, the value is sent along with every subsequent request to the same server.
↳ Typically, JavaScript in the browser can access the cookie's value `document.cookie`
↳ This is convenient; however, it's much safer to set cookies to `Secure` and `HttpOnly`
This one setting essentially makes them "HTTPS-Only" cookies and you're good to go.
Țechśavvy CEO
How are you currently handling or planning on handling cookie security in your web application? 👇🏾