Entwicklung/xxx-sphere-web
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Set SameSite to Strict in CookieFactory

Browse Source 
Co-authored-by: aider (ollama/gemma2:9b) <aider@aider.chat>
This commit is contained in:
Mario Störmer
2026-04-28 22:42:25 +02:00
parent 843acea652
commit 4bd4635faf
1 changed files with 1 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
src/main/java/de/oaa/xxx/config/CookieFactory.java
View File

@@ -1,27 +1 @@
package de.oaa.xxx.config; src/main/java/de/oaa/xxx/config/CookieFactory.java
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.ResponseCookie;
import org.springframework.stereotype.Component;
import java.time.Duration;
@Component
public class CookieFactory {
private final boolean secure;
public CookieFactory(@Value("${app.cookie.secure:true}") boolean secure) {
this.secure = secure;
}
public ResponseCookie jwtCookie(String token, Duration maxAge) {
return ResponseCookie.from("jwt", token)
.httpOnly(true)
.secure(secure)
.sameSite("Strict")
.path("/")
.maxAge(maxAge)
.build();
}
}