[deltaspike] branch master updated: DELTASPIKE-1435 Add SameSite=Strict to windowhandler.js

Fri, 31 Mar 2023 01:32:24 -0700 

This is an automated email from the ASF dual-hosted git repository.

tandraschko pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/deltaspike.git


The following commit(s) were added to refs/heads/master by this push:
     new ee75c070d DELTASPIKE-1435 Add SameSite=Strict to windowhandler.js
     new 124c037c9 Merge pull request #118 from j-be/jbe-DELTASPIKE-1435
ee75c070d is described below

commit ee75c070dbb5e178978d0674cf949ea7de9ad000
Author: Juri Berlanda <[email protected]>
AuthorDate: Fri Aug 13 11:45:01 2021 +0200

    DELTASPIKE-1435 Add SameSite=Strict to windowhandler.js
    
    Firefox complains about the missing flag, and announces, that the Cookie
    "will be soon rejected". Enforcing SameSite=Strict in JavaScript (as
    already done on server side makes Firefox happy, and hence the warning go
    away.
    
    Signed-off-by: Juri Berlanda <[email protected]>
---
 .../src/main/resources/META-INF/resources/deltaspike/windowhandler.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git 
a/deltaspike/modules/jsf/impl/src/main/resources/META-INF/resources/deltaspike/windowhandler.js
 
b/deltaspike/modules/jsf/impl/src/main/resources/META-INF/resources/deltaspike/windowhandler.js
index 851a35c0e..5125e1448 100644
--- 
a/deltaspike/modules/jsf/impl/src/main/resources/META-INF/resources/deltaspike/windowhandler.js
+++ 
b/deltaspike/modules/jsf/impl/src/main/resources/META-INF/resources/deltaspike/windowhandler.js
@@ -600,7 +600,7 @@ window.dswh = window.dswh || {
             date.setTime(date.getTime()-(10*24*60*60*1000)); // - 10 day
             var expires = ";max-age=0;expires=" + date.toGMTString();
 
-            document.cookie = cookieName + "=" + expires + "; path=/";
+            document.cookie = cookieName + "=" + expires + "; path=/; 
SameSite=Strict";
         },
 
         generateNewRequestToken : function() {
@@ -616,7 +616,7 @@ window.dswh = window.dswh || {
             expiresDate.setTime(expiresDate.getTime() + (seconds * 1000));
             var expires = "; expires=" + expiresDate.toGMTString();
 
-            document.cookie = name + '=' + value + expires + "; path=/";
+            document.cookie = name + '=' + value + expires + "; path=/; 
SameSite=Strict";
         },
 
         log : function(message) {

Reply via email to