How to Protect Cookies Against Common XSS Attacks on the Web?

This content originally appeared on DEV Community and was authored by Beto Muniz

We can ignore the danger of cookies by simply not recommending their use, but the fact is that at least 55% of all websites use cookies RIGHT NOW, even with lots of existing cookieless strategies.

So how do you protect cookies against common XSS attacks?

Well, if your app really needs to use cookies, configure each one through the Set-Cookie HTTP header with at least the following flags:

- Secure: to allow the cookie only over HTTPS
- HttpOnly: to keep the cookie out of document.cookie
- SameSite: to limit the contexts in which the cookie is used

Set-Cookie: <name>=<value>; Secure; HttpOnly; SameSite=Strict; ...
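
To check which cookies an app actually sends with these flags, the following audit can be run over captured Set-Cookie header values. It is an added example, not code from the original post; the function names parseSetCookie and auditSetCookie and the sample headers are assumptions made for illustration.

```javascript
// Added example: audit Set-Cookie header values for Secure, HttpOnly, SameSite.

// Parse one Set-Cookie header value into { name, value, attrs }.
function parseSetCookie(header) {
  const parts = header.split(";").map((p) => p.trim()).filter(Boolean);
  const first = parts.shift() || "";
  const eq = first.indexOf("=");
  // The first segment is always read as the name=value pair, never as a flag.
  const name = eq > 0 ? first.slice(0, eq).trim() : null;
  const value = eq > 0 ? first.slice(eq + 1).trim() : null;
  const attrs = new Map();
  for (const part of parts) {
    const i = part.indexOf("=");
    // Attribute names are case-insensitive, so normalise them.
    const key = (i === -1 ? part : part.slice(0, i)).trim().toLowerCase();
    attrs.set(key, i === -1 ? true : part.slice(i + 1).trim());
  }
  return { name, value, attrs };
}

// Return a list of findings; an empty list means all three flags are in place.
function auditSetCookie(header) {
  const { name, attrs } = parseSetCookie(header);
  const findings = [];
  if (name === null) findings.push("no name=value pair");
  if (!attrs.has("secure")) findings.push("missing Secure");
  if (!attrs.has("httponly")) findings.push("missing HttpOnly");
  const sameSite = String(attrs.get("samesite") || "").toLowerCase();
  if (!["strict", "lax"].includes(sameSite)) {
    // SameSite=None is present but places no limit on cross-site use.
    findings.push(sameSite === "none" ? "SameSite=None" : "missing SameSite");
  }
  return findings;
}

// Constructed sample headers (not taken from any real site).
const samples = [
  "sid=abc123; Path=/; Secure; HttpOnly; SameSite=Strict",
  "sid=abc123; Path=/",
  "prefs=dark; Secure; SameSite=None",
  "Secure; HttpOnly; SameSite=Strict", // flag in the name=value position
];
for (const h of samples) {
  const f = auditSetCookie(h);
  console.log(f.length ? `WEAK  ${h} -> ${f.join(", ")}` : `OK    ${h}`);
}
```

The last sample shows why the name=value pair has to come first: a flag placed in that position is not applied as an attribute.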

I hope that with these tips your app now has a better chance against XSS attackers who exploit cookie weaknesses. Keep in mind, though, that complex attacks can easily bypass these tips, so try to migrate to cookieless strategies ASAP.
