I'm using Chrome, my FE is running on http://localhost:3000, and my BE server is running on http://localhost:8000.
I just want to store my refreshToken to cookie, using httpOnly: true, and I do it in BE. Of course I configured my request with withCredentials: true too.
I found that cookie only can be sent from different origin if secure: true, sameSite: None, but localhost is insecure
I went so far to realize that it does not work with http, whose default protocol of localhost. Is there any way to use cookies without using TLS in localhost?
Please correct me if I miss something important, I'm just a noob at this. Tks!