Setting httponly secure cookies in microservice architecture
I have read that storing the jwt token within the httponly secure cookie is the recommended way to prevent both csrf attacks and xss attacks.
When a user goes to my website they may make an api call like so
POST mygatewayproxy.example/logi… Continue reading Setting httponly secure cookies in microservice architecture