Add secure and samesite flags to badge cookie (!20) · Merge requests · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake WebExtension

It looks like there have been several browser security improvements to prevent CSRF attacks. Chrome and Firefox now require cross-site cookies to have the secure and samesite attributes set.

I'm hoping this solves the issue we're seeing on both Chrome and Firefox.

Closes #28 (closed)

Add secure and samesite flags to badge cookie

Merge request reports