Cookies
Securing Your Website Cookies
Configure secure cookies with HttpOnly, Secure, and SameSite attributes.
Cookie security attributes:
## Secure
Only send over HTTPS
## HttpOnly
Prevent JavaScript access (prevents XSS theft)
## SameSite
Control cross-site cookie sending
Strict, Lax, or None
## Laravel
SESSION_SECURE_COOKIE=true
SESSION_SAMESITE=strict
## Secure
Only send over HTTPS
## HttpOnly
Prevent JavaScript access (prevents XSS theft)
## SameSite
Control cross-site cookie sending
Strict, Lax, or None
## Laravel
SESSION_SECURE_COOKIE=true
SESSION_SAMESITE=strict