From what I understand, HttpOnly cookies cannot be read by client js but they are passed by the browser with any subsequent requests. If an attacker is able to
blending
dirname
code-injection
unreachable-code
intellij-15
variable-length
supervisord
watershed
rad-server
regfreecom
poisson
cassandra-cli
nyc
jqgrid-inlinenav
ora-03114
scottplot
nszombie
csvkit
symfony-2.1
vitis-ai
turnjs
olsrr
luau
platypus
android-studio-4.1
hit-highlighting
xyz
gate
phpredis
notificationservices
