Google introduces device-bound session credentials to fight account hijacking neowin.net 3 points by bundie a day ago
verdverm a day ago There has to be a better source for this. Neowin doesn't even talk about the credentials and is riddled with ads verdverm a day ago https://developer.chrome.com/blog/dbsc-origin-trialhttps://w3c.github.io/webappsec-dbsc/https://blog.chromium.org/2024/04/fighting-cookie-theft-usin... verdverm a day ago I believe DPoP has similar goals, had to implement this as part of ATProto OAuth
verdverm a day ago https://developer.chrome.com/blog/dbsc-origin-trialhttps://w3c.github.io/webappsec-dbsc/https://blog.chromium.org/2024/04/fighting-cookie-theft-usin... verdverm a day ago I believe DPoP has similar goals, had to implement this as part of ATProto OAuth
There has to be a better source for this. Neowin doesn't even talk about the credentials and is riddled with ads
https://developer.chrome.com/blog/dbsc-origin-trial
https://w3c.github.io/webappsec-dbsc/
https://blog.chromium.org/2024/04/fighting-cookie-theft-usin...
I believe DPoP has similar goals, had to implement this as part of ATProto OAuth