Web Application Security

Never use the GET method for Sensitive Actions in Web App: Ft. CSRF

The Limitation of Cookie’s “SameSite: Lax” Security

secureITmania
3 min read · Apr 28, 2024


Introduction

With the introduction of the default “SameSite: Lax” feature, developers can now enhance the security of their web applications significantly. The feature offers a robust defence mechanism against CSRF weaknesses, previously a major concern for developers. As a result, developers can now breathe a sigh of relief and…
