DEV Community

Discussion on: Today's rabbit hole: securing JWTs for authentication, httpOnly cookies, CSRF tokens, secrets & more

Collapse
rahulahire profile image
Rahul Ahire • Edited on

This cookie topic actually eat my head a lot for 4-5days but now I'm somehow comfortable at it.
except the point of httpOnly cookie vs Authorization header or using both

technically its quiet easy to use httpOnly cookie
sadly there arent many clear cut tutorials on it. But, I'm hopeful about it