Free Post CORP COEP COOP CORP CORS CORB - CRAP that's a lot of new stuff! Yep, you heard it right, we have a few new security features and even some new Security Headers in town! Whilst technically only COOP, COEP, CORP and CORB are new,...
Free Post CSRF CSRF is (really) dead A little while back I wrote a blog post about how "CSRF is dead". It focused on SameSite cookies, a powerful yet simple feature to protect your website against CSRF attacks. As powerful as it was, and as much as it will...
Free Post CSRF Cross-Site Request Forgery is dead! After toiling with Cross-Site Request Forgery on the web for, well forever really, we finally have a proper solution. No technical burden on the site owner, no difficult implementation, it's trivially simple to deploy, it's Same-Site Cookies. As...
Free Post cookies Tough Cookies Cookies are tiny pieces of data attached to requests that your browser sends. Their most important use is for authentication so that a web server can know if you are...
Follow