forms Why we chose SameSite:strict over CSRF Token While CSRF Token work perfectly good in preventing CSRF attacks, the implementation of these tokens is not a pleasant work. With the Cookie attribute SameSite:strict, CSRF protection just works almost anywhere.