Set SameSite default to Lax

Issue: SPR-16418
This commit is contained in:
Vedran Pavic
2018-07-20 23:19:21 +02:00
committed by Brian Clozel
parent 0def1640f2
commit 82194f4ee0
2 changed files with 4 additions and 4 deletions

View File

@@ -44,13 +44,13 @@ public class CookieWebSessionIdResolverTests {
assertEquals(1, cookies.size());
ResponseCookie cookie = cookies.getFirst(this.resolver.getCookieName());
assertNotNull(cookie);
assertEquals("SESSION=123; Path=/; Secure; HttpOnly; SameSite=Strict", cookie.toString());
assertEquals("SESSION=123; Path=/; Secure; HttpOnly; SameSite=Lax", cookie.toString());
}
@Test
public void cookieInitializer() {
this.resolver.addCookieInitializer(builder -> builder.domain("example.org"));
this.resolver.addCookieInitializer(builder -> builder.sameSite("Lax"));
this.resolver.addCookieInitializer(builder -> builder.sameSite("Strict"));
this.resolver.addCookieInitializer(builder -> builder.secure(false));
MockServerHttpRequest request = MockServerHttpRequest.get("https://example.org/path").build();
@@ -61,7 +61,7 @@ public class CookieWebSessionIdResolverTests {
assertEquals(1, cookies.size());
ResponseCookie cookie = cookies.getFirst(this.resolver.getCookieName());
assertNotNull(cookie);
assertEquals("SESSION=123; Path=/; Domain=example.org; HttpOnly; SameSite=Lax", cookie.toString());
assertEquals("SESSION=123; Path=/; Domain=example.org; HttpOnly; SameSite=Strict", cookie.toString());
}
}