throwaway63839·7 ปีที่แล้ว·discussNot true. Using samesite cookie attribute prevents CSRF through IMG tags. (On browsers that support samesite, i.e. most browsers.)