From what I understand, HttpOnly cookies cannot be read by client js but they are passed by the browser with any subsequent requests. If an attacker is able to
peephole-optimization
spring-boot-starter-security
preg-split
baud-rate
dbref
android-wear-notification
little-proxy
public-members
powerapps-makerportal
flask-mysql
ribbonx
memento
d2xx
dismo
wss
falsy
round-corner
ragg
stable-baselines
fact++
svmlight
hivemq
tabcontainer
flutter-constraint
mousearea
maildir
pen
control-language
refer
np-complete
