Wenye asked 8 months ago

Do you usually use cookie or session to register? What does a signature cookie mean.. Is it true that no matter what you do, as long as the cookie is leaked, the attacker can use the cookie to imitate the user?
。。 Such as the title

2 Answers
cipchk answered 8 months ago

Yes, search keywords: XSS and CSRF.

Cold stone answered 8 months ago

JSON web token is a solution