Cookie (Max) Size and Number Limit

Some commonly asked questions are: To understand these limits, let’s first look at what the official specification, RFC 6265, has to say. According to it, a browser must provide a minimum of the following: We know the minimum limits now. As far as maximum limits are concerned, it doesn’t really matter because each browser […]

SameSite Cookies Explained

The SameSite attribute of a cookie controls how the browser sends it in cross-site requests (cross-site is slightly different from cross-origin). With it we can reduce the risk of cross-site request forgery (CSRF) attacks and hence enhance user privacy and security. Before looking at the different values we can pass to this attribute, please read this […]

Set Shared Cookies Across Subdomains on localhost

If you are running multiple apps on localhost across different subdomains (foo.localhost, bar.localhost, etc.) and want to set a cookie on one domain that is accessible from another subdomain, then you will have to watch out for a couple of things. Setting a cookie with Domain=.localhost or Domain=localhost (since the dot notation is deprecated) will […]