public class SameSiteCookies extends Object
When the SameSite setting is enabled in the security configuration,
the SameSiteCookiesFilter class will create, in the HTTP response,
a dedicated Set-Cookie header with a SameSite=None attribute
for each shared cookie and each path of delegated UIs and previews of the product.
Products are recommended to register at initialization time:
/servlet/oslc-connect/my-preview),
using setPaths(String...).JSESSIONID),
using setDefaultNames(String...).SameSiteCookiesFilter| Constructor and Description |
|---|
SameSiteCookies() |
| Modifier and Type | Method and Description |
|---|---|
static void |
setDefaultNames(String... cookies)
Registers the given cookie names as default shared cookies (e.g
JSESSIONID). |
static void |
setPaths(String... paths)
Registers the paths of delegated UIs and previews of the product (e.g.
|
public static void setPaths(String... paths)
/servlet/oslc-connect/my-preview).
Products are recommended to register at initialization time those paths.
paths - the paths of delegated UIs and previews of the productSameSiteCookiesFilterpublic static void setDefaultNames(String... cookies) throws SettingStoreException
JSESSIONID).
Products are recommended to register at initialization time the default session cookies as shared cookies.
The session cookie is usually JSESSIONID, but this may vary depending on the web container or integration.
It is worth noting that this method is only for initializing the list of default shared cookies. It doesn't alter the actual list of shared cookies if they were configured by the server administrator.
cookies - the cookie names to set as default in the Shared Cookies setting.SettingStoreException - if an error occurs while querying or updating the setting store.