Securing a client

We have prepared our server side to secure the communication, and now it's time to talk about the security of the client side of our web application. For all our content, we will start using secure communication with TLS and we will start updating our client side using cookies.

Attributes of cookies

A cookie has two special attributes: Secure and HttpOnly. The Secure attribute of a cookie allows it to be sent only to the TLS connection. The other attribute, HttpOnly, marks the cookie that is accessible only via HTTP or HTTPS connections. Mark both of them as true and this small improvement in cookies prevents the web browser from sending a cookie via an insecure connection. With each request sent, the cookies are accompanied to ...

Get Dart: Scalable Application Development now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.