More secure way than sending cookies through JSON from server to server?
In learning more about web security, I was thinking of hiding my tool for managing cookies for auth, but putting it in a backend "API" server, and having the frontend "web" server call out to that backend server to get/…