throwaway63839·7 anni fa·discussNot true. Using samesite cookie attribute prevents CSRF through IMG tags. (On browsers that support samesite, i.e. most browsers.)