Package de.xima.fc.servlet.filter
Class SameSiteCookieHeaderFilter
java.lang.Object
de.xima.fc.servlet.filter.SameSiteCookieHeaderFilter
- All Implemented Interfaces:
javax.servlet.Filter
Implementation of an HTTP servlet
Filter which adds the SameSite attribute to cookies, until the Java API
supports it natively, if ever.
Allows to set the SameSite directive to None on certain cookies. It also adds the Secure directive if enabled (which is required for SameSite=None). Chrome v80, rolled out in March 2020, treats any cookies without the SameSite directive set as though they are SameSite=Lax (https://www.chromestatus.com/feature/5088147346030592). This is a breaking change from the previous default behavior, which was to treat those cookies as SameSite=None.
-
Constructor Summary
Constructors -
Method Summary
-
Constructor Details
-
SameSiteCookieHeaderFilter
public SameSiteCookieHeaderFilter()
-
-
Method Details
-
destroy
public void destroy()- Specified by:
destroyin interfacejavax.servlet.Filter
-
doFilter
public void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain) throws IOException, javax.servlet.ServletException - Specified by:
doFilterin interfacejavax.servlet.Filter- Throws:
IOExceptionjavax.servlet.ServletException
-
init
public void init(javax.servlet.FilterConfig filterConfig) throws javax.servlet.ServletException - Specified by:
initin interfacejavax.servlet.Filter- Throws:
javax.servlet.ServletException
-