removed unfinished thought

ymajoros2 · ymajoros2 · commit 3bff1fe221d9 · 2022-09-01T00:32:47.000+02:00
diff --git a/draft-ietf-oauth-browser-based-apps.md b/draft-ietf-oauth-browser-based-apps.md
@@ -320,8 +320,6 @@ Additionally, cookies MUST be protected from leakage by other means, such as log
 This architecture protects against tokens leakage from the browser, but creates a CSRF attack vector:
 once the user is authenticated, the BFF proxy will automatically add tokens to calls to the resource server.
 
-Cookies must be protected, not only from the browser itself using
-
 <!--
 TODO: Add another description of the alternative architecture where access tokens are passed to JS and the JS app makes API calls directly. https://mailarchive.ietf.org/arch/msg/oauth/sl-g6zYSpJW3sYqrR0peadUw54U/
 -->
