He mentioned the following: "The server also adds an xsrfToken in a cookie (why cookie? cause cookies are limited by same-origin policy)."
From MDN: Access to data stored in the browser such as Web Storage and IndexedDB are separated by origin. Each origin gets its own separate storage, and JavaScript in one origin cannot read from or write to the storage belonging to another origin. Cookies use a separate definition of origins.
(developer.mozilla.org/en-US/docs/W...)
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
He mentioned the following: "The server also adds an xsrfToken in a cookie (why cookie? cause cookies are limited by same-origin policy)."
From MDN: Access to data stored in the browser such as Web Storage and IndexedDB are separated by origin. Each origin gets its own separate storage, and JavaScript in one origin cannot read from or write to the storage belonging to another origin. Cookies use a separate definition of origins.
(developer.mozilla.org/en-US/docs/W...)