Frontend Developer
hard · csrf-and-samesite-cookies
What is CSRF and how do SameSite cookies help?
Answer
Cross-Site Request Forgery (CSRF) is an attack in which a page the attacker controls makes the victim's browser send a request to a site where the victim is logged in. The browser attaches that site's cookies automatically, so the request arrives authenticated even though the victim never intended it. The attacker cannot read the response, but a state-changing endpoint (transfer, password change, delete) still acts on it.
**Mitigations:**
- CSRF tokens (synchronizer pattern): a random per-session secret stored server-side, embedded in each form or sent in a request header, and compared in constant time before any state change. An attacker's page cannot read it, so it cannot forge it.
- SameSite cookies (`Lax` or `Strict`): `Strict` keeps the session cookie off every cross-site request, including a link followed from another site; `Lax` (what Chromium-based browsers apply when the attribute is absent) still sends it on cross-site top-level `GET` navigations. Neither value protects a state-changing `GET` endpoint, and sibling subdomains count as same-site, so an injection on any subdomain bypasses it. Treat it as defence in depth, not the only control.
- Double-submit cookies (in some architectures): the token is placed both in a cookie and in the request body or header, and the two are compared, which needs no server-side state. A plain version is defeated by anyone who can set a cookie for the domain (a compromised subdomain, cookie tossing), so sign the cookie value with an HMAC or bind it to the session.
- Checking the `Origin` header or the Fetch Metadata header `Sec-Fetch-Site` rejects cross-site state changes from modern browsers with very little code and pairs well with the above.
If you use cookies for authentication, including `HttpOnly` session cookies, CSRF protection is essential for every state-changing request (`POST`, `PUT`, `PATCH`, `DELETE`), and `GET` handlers must stay free of side effects. A bearer token sent in an `Authorization` header is not attached by the browser on its own, so that model is not CSRF-vulnerable in the same way.
Related Topics
Security · Authentication · Web