Stephane Nicoll
commit
a2eeb77e21
|
|
@ -48,6 +48,7 @@ import org.springframework.boot.autoconfigure.web.reactive.WebFluxProperties;
|
||||||
import org.springframework.boot.autoconfigure.web.reactive.WebSessionIdResolverAutoConfiguration;
|
import org.springframework.boot.autoconfigure.web.reactive.WebSessionIdResolverAutoConfiguration;
|
||||||
import org.springframework.boot.context.properties.EnableConfigurationProperties;
|
import org.springframework.boot.context.properties.EnableConfigurationProperties;
|
||||||
import org.springframework.boot.context.properties.PropertyMapper;
|
import org.springframework.boot.context.properties.PropertyMapper;
|
||||||
|
import org.springframework.boot.web.server.Cookie.SameSite;
|
||||||
import org.springframework.boot.web.servlet.server.Session.Cookie;
|
import org.springframework.boot.web.servlet.server.Session.Cookie;
|
||||||
import org.springframework.context.ApplicationContext;
|
import org.springframework.context.ApplicationContext;
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
|
|
@ -106,6 +107,7 @@ public class SessionAutoConfiguration {
|
||||||
map.from(cookie::getHttpOnly).to(cookieSerializer::setUseHttpOnlyCookie);
|
map.from(cookie::getHttpOnly).to(cookieSerializer::setUseHttpOnlyCookie);
|
||||||
map.from(cookie::getSecure).to(cookieSerializer::setUseSecureCookie);
|
map.from(cookie::getSecure).to(cookieSerializer::setUseSecureCookie);
|
||||||
map.from(cookie::getMaxAge).asInt(Duration::getSeconds).to(cookieSerializer::setCookieMaxAge);
|
map.from(cookie::getMaxAge).asInt(Duration::getSeconds).to(cookieSerializer::setCookieMaxAge);
|
||||||
|
map.from(cookie::getSameSite).as(SameSite::attributeValue).to(cookieSerializer::setSameSite);
|
||||||
cookieSerializerCustomizers.orderedStream().forEach((customizer) -> customizer.customize(cookieSerializer));
|
cookieSerializerCustomizers.orderedStream().forEach((customizer) -> customizer.customize(cookieSerializer));
|
||||||
return cookieSerializer;
|
return cookieSerializer;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -143,7 +143,7 @@ class SessionAutoConfigurationTests extends AbstractSessionAutoConfigurationTest
|
||||||
.withPropertyValues("server.servlet.session.cookie.name=sid",
|
.withPropertyValues("server.servlet.session.cookie.name=sid",
|
||||||
"server.servlet.session.cookie.domain=spring", "server.servlet.session.cookie.path=/test",
|
"server.servlet.session.cookie.domain=spring", "server.servlet.session.cookie.path=/test",
|
||||||
"server.servlet.session.cookie.httpOnly=false", "server.servlet.session.cookie.secure=false",
|
"server.servlet.session.cookie.httpOnly=false", "server.servlet.session.cookie.secure=false",
|
||||||
"server.servlet.session.cookie.maxAge=10s")
|
"server.servlet.session.cookie.maxAge=10s", "server.servlet.session.cookie.sameSite=strict")
|
||||||
.run((context) -> {
|
.run((context) -> {
|
||||||
DefaultCookieSerializer cookieSerializer = context.getBean(DefaultCookieSerializer.class);
|
DefaultCookieSerializer cookieSerializer = context.getBean(DefaultCookieSerializer.class);
|
||||||
assertThat(cookieSerializer).hasFieldOrPropertyWithValue("cookieName", "sid");
|
assertThat(cookieSerializer).hasFieldOrPropertyWithValue("cookieName", "sid");
|
||||||
|
|
@ -152,6 +152,7 @@ class SessionAutoConfigurationTests extends AbstractSessionAutoConfigurationTest
|
||||||
assertThat(cookieSerializer).hasFieldOrPropertyWithValue("useHttpOnlyCookie", false);
|
assertThat(cookieSerializer).hasFieldOrPropertyWithValue("useHttpOnlyCookie", false);
|
||||||
assertThat(cookieSerializer).hasFieldOrPropertyWithValue("useSecureCookie", false);
|
assertThat(cookieSerializer).hasFieldOrPropertyWithValue("useSecureCookie", false);
|
||||||
assertThat(cookieSerializer).hasFieldOrPropertyWithValue("cookieMaxAge", 10);
|
assertThat(cookieSerializer).hasFieldOrPropertyWithValue("cookieMaxAge", 10);
|
||||||
|
assertThat(cookieSerializer).hasFieldOrPropertyWithValue("sameSite", "Strict");
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue