This simple project aims to shocase how cookie hijacking can happen.
- change the server port to an available port on your machine;
- start spring boot;
- upon requesting the main page (localhost:8080/biscotti/dammi-cookie), your client will store a cookie "lang":"ENG";
- visit the biscotti/saluta endpoint, that will greet you in English;
- change tha cookie's value field to "ITA";
- the /saluta endpoint will then greet you in Italian as the fake cookie, that was included in your new request, tells the server your chosen language is Italian.
