Given the following code, answer the questions. const expr…
Given the following code, answer the questions. const express = require(‘express’); const cookieParser = require(‘cookie-parser’); const app = express(); const port = 3000; app.use(cookieParser()); // Simulate user login and set session cookie securely app.get(‘/login’, (req, res) => { res.cookie(‘session’, ‘user123token’, { httpOnly: true, // Prevent JavaScript access secure: true, // Send cookie only over HTTPS sameSite: ‘Strict’, // Prevent cross-site requests path: ‘/’ }); res.send(‘Logged in with secure session’); }); // Dashboard now protected from cookie theft app.get(‘/dashboard’, (req, res) => { res.send(‘Welcome to your secure dashboard!’); }); app.listen(port, () => { console.log(`App running at https://localhost:${port}`); }); a) Please explain which feature you can add to mitigate the CSRF vulnerability and ensure that the cookie is inaccessible to JavaScript, preventing it from being accessed through document.cookie, and the cookie is only sent over HTTPS connections (15 points). b) Fix the previous code by adding the features required to protect the system (10 points). Rubric