Tag
4 articles
Cookies
Every article on the AldeaCode blog tagged with this topic.
Security
Where to Store JWT Tokens: Cookies vs localStorage
Where to store a JWT in 2026: HttpOnly cookies, readable sidecars, CSRF and XSS tradeoffs. The pragmatic JWT cookie pattern, with code.
Read article → Security
JWT vs Session Cookies: Which to Use in 2026
JWT vs session cookies compared on revocation, scaling, size and attack surface. A clear guide to picking the right auth approach in 2026.
Read article → Legal
AEPD Cookie Banner Compliance: Reject Button Rules 2026
AEPD requires reject to be as easy as accept. Technical checklist for a legal cookie consent banner: buttons, layout, logging, and granular control.
Read article → Security
Clickjacking: X-Frame-Options vs CSP frame-ancestors
How to prevent clickjacking attacks with X-Frame-Options and CSP frame-ancestors. Header config examples for Nginx, Apache, and Cloudflare.
Read article →