From what I understand, HttpOnly cookies cannot be read by client js but they are passed by the browser with any subsequent requests. If an attacker is able to
survey
nx-angular
wildfly-17
bitcoinlib
staging
samsung-internet
j2html
mongosqld
jsbin
swingworker
adafruit-circuitpython-neopixel
pydeck
hsqldb
date
standard-deviation
brightway
terratest
pulp
continue
vuforia
liberty-maven-plugin
alpha-beta-pruning
bindinglist
typo3-9.x
sync
fiscal-printer
autodesk-webhooks
gemini
savon
robohelp
