minus-squaregornius@lemmy.worldtoProgrammer Humor@lemmy.ml•SPAs were a mistakelinkfedilinkarrow-up1·7 months agoThen again, cookie auth is vulnerable to CSRF. Pick your poison. Although CSRF protection just adds a minor inconvenience, while there is never a guarantee your code is XSS vulnerability free. linkfedilink
minus-squaregornius@lemmy.worldtoProgrammer Humor@lemmy.ml•The Centererlinkfedilinkarrow-up0·10 months agoCo-pilot? linkfedilink
Then again, cookie auth is vulnerable to CSRF. Pick your poison.
Although CSRF protection just adds a minor inconvenience, while there is never a guarantee your code is XSS vulnerability free.