Cookies 😇

HttpOnly, Secure, SameSite and their security implications

Martin Thoma


HTTP is a stateless protocol: a web server handles each HTTP request independently. This is especially a problem for identification, because the web server needs to know to whom it is talking. For that reason, the client side (the browser) is allowed to store information that it sends along with every single request.
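The exchange described above, as an added example that is not code from the article: the server stores state with a `Set-Cookie` response header, the client returns only the `name=value` pairs, and the three attributes named in the subtitle stay in the browser to control when and how the cookie is exposed. The header values and function names are constructed for illustration.

```python
from http.cookies import SimpleCookie

# Constructed sample Set-Cookie header values (not taken from the article).
SAMPLE_SET_COOKIE = [
    "session=abc123; Path=/; HttpOnly; Secure; SameSite=Lax",
    "tracking=xyz; Path=/",
    "widget=1; Path=/; SameSite=None",
]


def audit_set_cookie(header_value):
    """Return (cookie name, findings) for one Set-Cookie header value."""
    jar = SimpleCookie()
    jar.load(header_value)
    if len(jar) != 1:
        raise ValueError("expected exactly one cookie per Set-Cookie header")
    name, morsel = next(iter(jar.items()))
    findings = []
    if not morsel["httponly"]:
        findings.append("HttpOnly missing: readable by scripts in the page")
    if not morsel["secure"]:
        findings.append("Secure missing: also sent over unencrypted HTTP")
    same_site = morsel["samesite"].lower()
    if same_site not in ("strict", "lax", "none"):
        findings.append("SameSite missing or invalid: browser default applies")
    elif same_site == "none" and not morsel["secure"]:
        findings.append("SameSite=None without Secure: modern browsers reject the cookie")
    return name, findings


def request_cookie_header(set_cookie_values):
    """Build the Cookie request header a client sends back.

    Simplified: assumes a same-site HTTPS request to a matching path, so
    every stored cookie is in scope. Attributes are never sent back.
    """
    pairs = []
    for value in set_cookie_values:
        jar = SimpleCookie()
        jar.load(value)
        pairs.extend(f"{name}={morsel.value}" for name, morsel in jar.items())
    return "; ".join(pairs)


if __name__ == "__main__":
    for header in SAMPLE_SET_COOKIE:
        print(audit_set_cookie(header))
    print("Cookie:", request_cookie_header(SAMPLE_SET_COOKIE[:2]))
```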
