How would they steal HTTP-only cookies this way? | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		isbvhodnvemrwvn on Feb 23, 2021 \| parent \| context \| favorite \| on: Total Cookie Protection How would they steal HTTP-only cookies this way?

minitech on Feb 23, 2021 [–]

They wouldn’t steal the cookie, they’d just have the script send the requests as the user directly.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact