reiern70 commented on code in PR #566:
URL: https://github.com/apache/wicket/pull/566#discussion_r1155773675
##########
wicket-extensions/src/main/java/org/apache/wicket/extensions/ajax/wicket-ajaxdownload.js:
##########
@@ -28,7 +28,7 @@
Wicket.AjaxDownload = {
initiate : function(settings) {
document.cookie = settings.name +
- '=;path=/;Max-Age=0;expires=Thu, 01 Jan 1970
00:00:01 GMT';
+ '=;path=/;Max-Age=0;expires=Thu, 01 Jan 1970
00:00:01 GMT; SameSite=None; Secure';
Review Comment:
A cookie is just some special header... Maybe this is teh approach we should
follow here so that we can have the same at client side and server side.
Because if we use setCookie then, at least in case fo tomcat, application sever
will use its own machiney to write SameSite attibuture (e.g. see
Rfc6265CookieProcessor)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
