Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
emn13
1 day ago
|
parent
|
context
|
favorite
| on:
Handling cookies is a minefield
Yeah, that's what I meant. There's no built in support; but it's indirectly readable since client-side JS can read it.
j16sdiz
1 day ago
[–]
This miss the "HttpOnly" part, which prevents javascript (think script injection vulnerability) from touching this part of the storage
reply
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
