Re: [whatwg/fetch] SameSite cookies aren't sent on credentialed CORS requests (#769) from Alexandre Gaudencio on 2019-01-31 (public-webapps-github@w3.org from January 2019)

From: Alexandre Gaudencio <notifications@github.com>
Date: Thu, 31 Jan 2019 15:31:34 +0000 (UTC)
To: whatwg/fetch <fetch@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <whatwg/fetch/issues/769/459387316@github.com>

But then you are open the same way to CSRF attacks, aren't you 🤔 ?

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/issues/769#issuecomment-459387316

Received on Thursday, 31 January 2019 15:31:58 UTC