Angular: Are custom request headers effective in preventing CSRF attacks?
Angular&NodeEnthusiast, in JavaScript in Plain English, Jun 10
OWASP lists out using custom request headers as one of the CSRF mitigation techniques. In this story we will see how effective this method…

Angular: Sending/Receiving cookies with a cross-site application server
Angular&NodeEnthusiast, May 29
If you are interested to know how cookies can be sent/received between cross-origin but same-site resources, you can check the below story…

Angular: How do cookies work with different SameSite restriction levels and domain attributes in…
Angular&NodeEnthusiast, in JavaScript in Plain English, Jun 9
In this story, I would like to share the example I used to understand how cookies work with different combinations of sameSite and domain…

Cookie Defense: Why the “SameSite“ of cookies Matters as security
Hamid Reza Salimian, Dec 2, 2023
Welcome to the delightful journey of SameSite cookies, where we unlock the secrets behind these tiny data guardians! Ever wondered why your…

Portswigger: CSRF with SameSite Strict BYPASS via client-side redirect
James Jarvis, Apr 19
This article will show the full process for: CSRF with SameSite Strict BYPASS via client-side redirect.

Cookies, everything you need
Mine Kaya, in BosphorusISS, Apr 5
Hi, it’s been a while since the last post, hope you are fine. If this is your first one, hi again I am Mine. Today we will talk about…

Same Site Cookie Attribute in short
Bipin Maharjan, Aug 18, 2023
Let's start with what is a same site cookie attribute? Same site attribute in a cookie is a rule that instructs how cookies are sent with…

CSRF: SameSite Strict bypass via client-side redirect
Infosec Weirdo, Jan 7, 2023
PortSwigger has released new labs demonstrating Cross-site Request Forgery (CSRF) Bypassing SameSite cookie restrictions.