Tag 1 article

CSRF

Every article on the AldeaCode blog tagged with this topic.

Where to Store JWT Tokens: Cookies vs localStorage

Where to store a JWT in 2026: HttpOnly cookies, readable sidecars, CSRF and XSS tradeoffs. The pragmatic JWT cookie pattern, with code.