Learn how to secure your Single Page Application (SPA) against Cross-Site Request Forgery (XSRF/CSRF) attacks using ASP.NET Core cookie authentication. Explore various attack scenarios, including cross-site login attempts with fetch and form posts, and implement effective defense strategies such as Origin and Referer checks. Discover the differences between Strict and Lax cookies, and understand the potential risks of man-in-the-middle attacks. Gain practical knowledge on implementing robust security measures for your ASP.NET Core SPA using C# minimal APIs, applicable to .NET 7, .NET 6, and .NET 5.