SameSite is an IETF draft standard designed to provide some protection against cross-site request forgery (CSRF) attacks.

In this episode, we're joined by .NET Security Curmudgeon Barry Dorrans who will talk to us about some of the concerns around SameSite cookies and how to address them.

  • [01:09] - What are same site cookies?
  • [06:34] - What's broken with some browsers?
  • [10:03] - Fixing the SameSite cookie in Visual Basic and Web Forms
  • [17:25] - Fixing the SameSite cookie in C# and MVC 5
  • [19:41] - Fixing the SameSite cookie in ASP.NET Core

 

Useful Links