RootCauseunvalidated

JavaScript won't be allowed to read httpOnly cookies. Tension: How would the client access the value of it if the JWT is stored in a cookie? Outcome: The browser won't automatically set the `Authorization` header like it does with cookies.

9c1ee30f-d843-418b-b1cd-232e9ec16ca5

JavaScript won't be allowed to read httpOnly cookies. Tension: How would the client access the value of it if the JWT is stored in a cookie? Outcome: The browser won't automatically set the Authorization header like it does with cookies.