samesite

Home > @spruceid/ssx-core > SSXCookieOptions > sameSite

SSXCookieOptions.sameSite property

Prevents Cross Site Request Forgery Attacks by telling the browser to only send cookies with request from your site. The lax setting allows GET requests from other sites. Recommended true for production.

Signature:

sameSite: boolean | 'lax' | 'strict' | 'none' | undefined;

Previoushttponly Nextsecure

Last updated 1 year ago