Setting SameSite on the session cookie? #398
Description
The userinfo example stores state in a cookie but doesn't set a SameSite attribute on the cookie.
Is there a reason not to do so for better security?
{{ message }}
The userinfo example stores state in a cookie but doesn't set a SameSite attribute on the cookie.
Is there a reason not to do so for better security?