For security reasons I suggest these cookies JSESSIONID, CSRF_TOKEN, NextURL be set to SameSite in Resilient.

For security reasons I suggest these cookies JSESSIONID, CSRF_TOKEN, NextURL be set to SameSite in Resilient.

  • Avatar32.5fb70cce7410889e661286fd7f1897de Guest
  • Oct 19 2020
  • Future consideration
  • Attach files
  • Admin
    MARTIN FEENEY commented
    23 Nov 05:20pm

    FYI, We have built-in CSRF protection already just to put the SameSite protection into context.