Skip to content

Add the ability to set the SameSite policy to the CRSF Cookie #12237

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 2 commits into from
Closed

Add the ability to set the SameSite policy to the CRSF Cookie #12237

wants to merge 2 commits into from

Conversation

kumo829
Copy link
Contributor

@kumo829 kumo829 commented Nov 18, 2022

Add a customizer to CookieCsrfTokenRepository and CookieServerCsrfTokenRepository

  • Mark setCookieHttpOnly, setCookieDomain, setCookieMaxAge and setSecure as deprecated.
  • Add the method setCookieCustomizer which allows to set properties to the ResponseCookieBuilder without having to add new setter methods.

Closes gh-12086

@kumo829
Add a customizer to CookieCsrfTokenRepository and CookieServerCsrfTok…
4075c5f 
…enRepository

- Mark setCookieHttpOnly, setCookieDomain, setCookieMaxAge and setSecure as deprecated.
- Add the method setCookieCustomizer which allows to set properties to the ResponseCookieBuilder without having to add new setter methods.

Closes spring-projectsgh-12086
@kumo829
JUnit 5 test cleanup for CookieCsrfTokenRepositoryTests and CookieSer…
853c458 
…verCsrfTokenRepositoryTests
@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Nov 18, 2022
@kumo829 kumo829 mentioned this pull request Nov 18, 2022
Closed
@jzheaux jzheaux self-assigned this Nov 18, 2022
@jzheaux jzheaux added this to the 6.1.0-M1 milestone Nov 18, 2022
@jzheaux jzheaux added status: duplicate A duplicate of another issue in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement and removed status: waiting-for-triage An issue we've not yet triaged labels Nov 18, 2022
jzheaux
jzheaux approved these changes Nov 18, 2022
View reviewed changes
Copy link
Contributor

@jzheaux jzheaux left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, @kumo829! We'll merge after 6.0 releases and we move main to feature development.

@marcusdacoregio
Copy link
Contributor

Merged via b79ba89

@marcusdacoregio marcusdacoregio mentioned this pull request Nov 13, 2023
Closed
@marcusdacoregio marcusdacoregio mentioned this pull request Feb 14, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jzheaux jzheaux jzheaux approved these changes

Assignees

@jzheaux jzheaux

Labels
in: web An issue in web modules (web, webmvc) status: duplicate A duplicate of another issue type: enhancement A general enhancement
Projects
None yet
Milestone
6.1.0-M1
Development

Successfully merging this pull request may close these issues.

Add an option to set the SameSite policy in the CookieCsrfTokenRepository
4 participants
@kumo829 @marcusdacoregio @jzheaux @spring-projects-issues