Mitigate CSRF Attacks by Setting the SameSite Cookie Flag in Express by Mike Sherov