root
/
spring-boot
mirror of https://github.com/spring-projects/spring-boot.git
1
0
Fork 0
Code Issues Actions 15 Packages Projects Releases Wiki Activity

Merge branch '2.6.x' into 2.7.x 

Closes gh-28951
This commit is contained in:
Stephane Nicoll 2021-12-09 16:00:09 +01:00
parent 40f5cffd7d 770e509c06
commit a2eeb77e21
2 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/session/SessionAutoConfiguration.java
View File

@ -48,6 +48,7 @@ import org.springframework.boot.autoconfigure.web.reactive.WebFluxProperties;
import org.springframework.boot.autoconfigure.web.reactive.WebSessionIdResolverAutoConfiguration;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.boot.context.properties.PropertyMapper;
import org.springframework.boot.web.server.Cookie.SameSite;
import org.springframework.boot.web.servlet.server.Session.Cookie;
import org.springframework.context.ApplicationContext;
import org.springframework.context.annotation.Bean;
@ -106,6 +107,7 @@ public class SessionAutoConfiguration {
map.from(cookie::getHttpOnly).to(cookieSerializer::setUseHttpOnlyCookie);
map.from(cookie::getSecure).to(cookieSerializer::setUseSecureCookie);
map.from(cookie::getMaxAge).asInt(Duration::getSeconds).to(cookieSerializer::setCookieMaxAge);
map.from(cookie::getSameSite).as(SameSite::attributeValue).to(cookieSerializer::setSameSite);
cookieSerializerCustomizers.orderedStream().forEach((customizer) -> customizer.customize(cookieSerializer));
return cookieSerializer;
}

3
spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/session/SessionAutoConfigurationTests.java
View File

@ -143,7 +143,7 @@ class SessionAutoConfigurationTests extends AbstractSessionAutoConfigurationTest
.withPropertyValues("server.servlet.session.cookie.name=sid",
"server.servlet.session.cookie.domain=spring", "server.servlet.session.cookie.path=/test",
"server.servlet.session.cookie.httpOnly=false", "server.servlet.session.cookie.secure=false",
"server.servlet.session.cookie.maxAge=10s")
"server.servlet.session.cookie.maxAge=10s", "server.servlet.session.cookie.sameSite=strict")
.run((context) -> {
DefaultCookieSerializer cookieSerializer = context.getBean(DefaultCookieSerializer.class);
assertThat(cookieSerializer).hasFieldOrPropertyWithValue("cookieName", "sid");
@ -152,6 +152,7 @@ class SessionAutoConfigurationTests extends AbstractSessionAutoConfigurationTest
assertThat(cookieSerializer).hasFieldOrPropertyWithValue("useHttpOnlyCookie", false);
assertThat(cookieSerializer).hasFieldOrPropertyWithValue("useSecureCookie", false);
assertThat(cookieSerializer).hasFieldOrPropertyWithValue("cookieMaxAge", 10);
assertThat(cookieSerializer).hasFieldOrPropertyWithValue("sameSite", "Strict");
});
}