You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We can use the Lax setting because we adhere to the HTTP protocol and don't use secure methods to change data. It looks like this will protect against CSRF attacks, but it doesn't. Normal forms, let's call them pre-auth, like a login or a contact form, still need to be protected.
The text was updated successfully, but these errors were encountered:
We can use the
Lax
setting because we adhere to the HTTP protocol and don't use secure methods to change data. It looks like this will protect againstCSRF
attacks, but it doesn't. Normal forms, let's call thempre-auth
, like a login or a contact form, still need to be protected.The text was updated successfully, but these errors were encountered: