🍪
SameSite Cookie
Web Security
Cookie attribute controlling cross-site cookie sending; helps mitigate CSRF and reduces third-party usage.
Definition
The SameSite attribute on a Set-Cookie header tells the browser whether to attach the cookie to requests that originate from a different site (a different registrable domain, and in current browsers also a different scheme). It takes three values. Strict never sends the cookie on a cross-site request. Lax sends it only on top-level navigations that use a safe method such as GET, never on cross-site POSTs, iframes, images or fetch/XHR subresources. None sends it on every request and is only accepted together with the Secure attribute. A classic CSRF attack depends on the victim's browser attaching the session cookie to a forged cross-site request, so Strict and Lax remove that precondition for most request types. Chromium-based browsers treat a cookie with no SameSite attribute as Lax; other browsers have differed, so set the attribute explicitly rather than relying on a default.
In plain English
A cookie normally rides along with every request to the site that set it, including requests that some other website tricks your browser into making. SameSite lets the site tell the browser: only send this cookie when the user is actually on my site (Strict), also when they click a link to my site from somewhere else (Lax), or always (None). If an attacker's page cannot make your browser attach your login cookie, the forged request arrives anonymous and the attack fails.
Why this matters
Session cookies are high-value: whoever can make the browser attach one to a request can act as the user. SameSite is a cheap, browser-enforced control that keeps the cookie off requests initiated by another site, which removes the ambient-authority precondition of CSRF and also limits tracking through third-party cookies. Treat it as defense in depth rather than a replacement for anti-CSRF tokens: Lax still sends the cookie on cross-site top-level GET navigations, so state-changing GET endpoints stay exposed; Chromium's default-Lax treatment lets a cookie that was set without an explicit SameSite attribute within roughly the last two minutes ride on a cross-site top-level POST; the same-site check compares registrable domains, so a compromised sibling subdomain is still same-site; and older browsers ignore the attribute entirely.
Example
Set SameSite=Lax on session cookies as the baseline, together with Secure and HttpOnly, for example: Set-Cookie: session=<id>; Path=/; Secure; HttpOnly; SameSite=Lax. Use Strict for highly sensitive applications (banking, admin consoles), accepting that a user who follows a link from email or another site arrives logged out; a common pattern is a Strict cookie that gates sensitive actions alongside a Lax cookie for read-only pages. Use SameSite=None; Secure only where cross-site delivery is genuinely required (embedded widgets, cross-site SSO callbacks) and test those flows before rollout, because Lax and Strict will break them: an OAuth or SAML response that POSTs back to your site from the identity provider is a cross-site POST and will not carry a Strict or Lax cookie.
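The following is an added example, not code from the page or from any browser: a small JavaScript model of the decision a browser makes under each SameSite value, following RFC 6265bis and Chromium's default-Lax behaviour, plus a server-side header builder that refuses SameSite=None without Secure. It goes slightly beyond the text by also modelling the None value and the two-minute exception for cookies that were defaulted to Lax. The cookie and request object shapes, the hostnames bank.example and attacker.example, and the "last two labels" approximation of a registrable domain (real browsers consult the Public Suffix List) are assumptions of the example.

```javascript
// Added example (not the page's code): a model of how a browser decides
// whether a cookie rides along with a request under each SameSite value.
// Rules follow RFC 6265bis and Chromium's default-Lax behaviour; the cookie
// and request object shapes are hypothetical, chosen for this demo.

const SAFE_METHODS = new Set(["GET", "HEAD", "OPTIONS", "TRACE"]);

// Registrable domain, approximated as the last two labels. Real browsers
// consult the Public Suffix List (so "shop.co.uk" is handled correctly);
// this simplification is an assumption of the example.
function registrableDomain(host) {
  return host.toLowerCase().split(".").slice(-2).join(".");
}

// "Site" is scheme plus registrable domain (schemeful same-site), so
// http://bank.example and https://bank.example count as cross-site.
function siteOf(url) {
  const u = new URL(url);
  return `${u.protocol}//${registrableDomain(u.hostname)}`;
}

function isSameSite(initiatorUrl, targetUrl) {
  return siteOf(initiatorUrl) === siteOf(targetUrl);
}

// cookie: { sameSite: "Strict" | "Lax" | "None" | undefined, secure, ageSeconds }
// req:    { url, initiator, topLevelNavigation, method }
// initiator is the URL of the page that caused the request: the page the
// user was on for a navigation, or the embedding page for a subresource.
function shouldSendCookie(cookie, req) {
  const target = new URL(req.url);
  // Secure cookies never travel over plain http, whatever SameSite says.
  if (cookie.secure && target.protocol !== "https:") return false;
  // Same-site requests are unaffected by the attribute.
  if (isSameSite(req.initiator, req.url)) return true;

  const explicit = cookie.sameSite;
  const mode = explicit ?? "Lax"; // Chromium treats a missing attribute as Lax
  if (mode === "None") {
    // Browsers reject SameSite=None at set time unless Secure is present.
    return cookie.secure === true;
  }
  if (mode === "Strict") return false;

  // Lax: only top-level navigations with a safe method carry the cookie.
  if (!req.topLevelNavigation) return false;
  if (SAFE_METHODS.has(req.method.toUpperCase())) return true;
  // Chromium's "Lax-allowing-unsafe" exception: a cookie that was defaulted
  // to Lax (no attribute set) and is under two minutes old is still sent on
  // a cross-site top-level POST, to avoid breaking some login redirects.
  if (explicit === undefined && typeof cookie.ageSeconds === "number" && cookie.ageSeconds < 120) {
    return true;
  }
  return false;
}

// Server side: build a Set-Cookie header value, refusing the None-without-
// Secure combination that browsers would silently drop.
function buildSetCookie({ name, value, sameSite = "Lax", secure = true, httpOnly = true, path = "/" }) {
  if (sameSite === "None" && !secure) {
    throw new Error("SameSite=None requires the Secure attribute");
  }
  const parts = [`${name}=${value}`, `Path=${path}`, `SameSite=${sameSite}`];
  if (secure) parts.push("Secure");
  if (httpOnly) parts.push("HttpOnly");
  return parts.join("; ");
}

// Classic CSRF scenario: a page on attacker.example auto-submits a form to
// bank.example. Returns, per SameSite setting, whether the session cookie is
// attached. Hostnames are constructed for the example.
function csrfScenario() {
  const forgedPost = {
    url: "https://bank.example/transfer",
    initiator: "https://attacker.example/evil",
    topLevelNavigation: true,
    method: "POST",
  };
  const results = {};
  for (const sameSite of ["Strict", "Lax", "None", undefined]) {
    const cookie = { sameSite, secure: true, ageSeconds: 3600 };
    results[sameSite ?? "unset"] = shouldSendCookie(cookie, forgedPost);
  }
  return results;
}

console.log(buildSetCookie({ name: "session", value: "opaque-id" }));
console.log(csrfScenario()); // { Strict: false, Lax: false, None: true, unset: false }
```

Run it with node. The interesting rows are the ones the text warns about: flip the forged request's method to GET and Lax lets the cookie through, and set ageSeconds below 120 on the unset cookie and the POST goes through too. Swapping the initiator for https://www.bank.example shows why a subdomain compromise is not stopped by any SameSite value.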