http.c: Always set SameSite=Strict to cookies - xavi/libweb - Small and lightweight web framework written in C99 and POSIX.1-2008.

diff options

author	Xavier Del Campo Romero <xavi92@disroot.org>	2025-09-23 16:28:44 +0200
committer	Xavier Del Campo Romero <xavi92@disroot.org>	2025-09-23 16:28:44 +0200
commit	f7864cb7d49a8ca5bddf8d1f68b71ecd5ed85adc (patch)
tree	756a5e6b503e49e53675e166985e7b6b72c44f9f /handler.c
parent	5d47b2d12caba33793a078d2eafae6ae3d2ad921 (diff)

http.c: Always set SameSite=Strict to cookies

This cookie attribute allows to mitigate CSRF attacks, while not requiring the server to store additional data. [1] [1]: https://owasp.org/www-community/SameSite

Diffstat (limited to 'handler.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: