@jub0bs.com on Bluesky

JavaScript RequiredThis is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is. Learn more about Bluesky at bsky.social and atproto.com.

Post

jub0bs

jub0bs.com

did:plc:htfbrvulpd5oqhnu5vbd5zie

One nitpick: you wrote "If SameSite=Strict, the browser only sends the cookie for same-site requests, meaning even with a permissive CORS policy, we can’t make cross-site requests with cookies." That's not entirely true. More details in - https://jub0bs.com/posts/2021-01-29-great-samesite-confusion/ - https://jub0bs.com/posts/2022-08-04-scraping-the-bottom-of-the-cors-barrel-part1/#cors-vs-samesite

2025-08-23T09:33:50.405Z