SameSite Flag
A cookie attribute that controls when cookies are sent with cross-site requests. It takes one of three values: Strict (never sent cross-site), Lax (sent on top-level navigation only; the default in modern browsers), and None (always sent; requires the Secure flag). It is the primary defense against CSRF attacks.