Add Partitioned cookie attribute support for servers

This commit adds support for the "Partitioned" cookie attribute in
WebFlux servers and the related testing infrastructure.
Note, Undertow does not support this feature at the moment.

Closes gh-31454
This commit is contained in:
Brian Clozel
2024-06-07 10:03:52 +02:00
parent 2aabe238c6
commit 7fc4937199
18 changed files with 178 additions and 10 deletions

View File

@@ -37,12 +37,12 @@ class ResponseCookieTests {
assertThat(ResponseCookie.from("id", "1fWa").build().toString()).isEqualTo("id=1fWa");
ResponseCookie cookie = ResponseCookie.from("id", "1fWa")
.domain("abc").path("/path").maxAge(0).httpOnly(true).secure(true).sameSite("None")
.domain("abc").path("/path").maxAge(0).httpOnly(true).partitioned(true).secure(true).sameSite("None")
.build();
assertThat(cookie.toString()).isEqualTo("id=1fWa; Path=/path; Domain=abc; " +
"Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:00 GMT; " +
"Secure; HttpOnly; SameSite=None");
"Secure; HttpOnly; Partitioned; SameSite=None");
}
@Test

View File

@@ -70,13 +70,32 @@ class CookieIntegrationTests extends AbstractHttpHandlerIntegrationTests {
List<String> cookie0 = splitCookie(headerValues.get(0));
assertThat(cookie0.remove("SID=31d4d96e407aad42")).as("SID").isTrue();
assertThat(cookie0.stream().map(String::toLowerCase))
.containsExactlyInAnyOrder("path=/", "secure", "httponly");
.contains("path=/", "secure", "httponly");
List<String> cookie1 = splitCookie(headerValues.get(1));
assertThat(cookie1.remove("lang=en-US")).as("lang").isTrue();
assertThat(cookie1.stream().map(String::toLowerCase))
.containsExactlyInAnyOrder("path=/", "domain=example.com");
}
@ParameterizedHttpServerTest
public void partitionedAttributeTest(HttpServer httpServer) throws Exception {
assumeFalse(httpServer instanceof UndertowHttpServer, "Undertow does not support Partitioned cookies");
startServer(httpServer);
URI url = URI.create("http://localhost:" + port);
String header = "SID=31d4d96e407aad42; lang=en-US";
ResponseEntity<Void> response = new RestTemplate().exchange(
RequestEntity.get(url).header("Cookie", header).build(), Void.class);
List<String> headerValues = response.getHeaders().get("Set-Cookie");
assertThat(headerValues).hasSize(2);
List<String> cookie0 = splitCookie(headerValues.get(0));
assertThat(cookie0.remove("SID=31d4d96e407aad42")).as("SID").isTrue();
assertThat(cookie0.stream().map(String::toLowerCase))
.contains("partitioned");
}
@ParameterizedHttpServerTest
public void cookiesWithSameNameTest(HttpServer httpServer) throws Exception {
assumeFalse(httpServer instanceof UndertowHttpServer, "Bug in Undertow in Cookies with same name handling");
@@ -116,7 +135,7 @@ class CookieIntegrationTests extends AbstractHttpHandlerIntegrationTests {
this.requestCookies.size(); // Cause lazy loading
response.getCookies().add("SID", ResponseCookie.from("SID", "31d4d96e407aad42")
.path("/").secure(true).httpOnly(true).build());
.path("/").secure(true).httpOnly(true).partitioned(true).build());
response.getCookies().add("lang", ResponseCookie.from("lang", "en-US")
.domain("example.com").path("/").build());