Cookie attributes guide: SameSite, Partitioned, HttpOnly, Secure, Domain, Path, Priority
HTTP Set-Cookie has more than seven attributes, all relevant to authentication, CSRF defense, and cross-site tracking. This article walks through SameSite (Lax/Strict/None), Partitioned (CHIPS), HttpOnly, Secure, Domain, Path, and Priority — with the recommended combinations for auth cookies, third-party widgets, and CSRF protection.
· 5 min read