From what I understand, HttpOnly cookies cannot be read by client js but they are passed by the browser with any subsequent requests. If an attacker is able to
awesomeprint
shorthand
non-alphanumeric
classnotfoundexception
system.timers.timer
microsoft-sync-framework
alt-tab
cruisecontrol.net
math.sqrt
thiserror
http-status-code-404
tthread
multer-s3
smartgwt
neshan-map
double-ampersand
quartus
compound-assignment
filterfunction
sqlalchemy
mscoco
gvariant
module-map
azure-media-player
azure-sql-managed-instance
xinput
windows-api-code-pack
p4a
transaction-isolation
api-hook
