解决Cookie 具有缺失、不一致或矛盾属性

问题:

When cookies lack the SameSite attribute, Web browsers may apply different and sometimes unexpected defaults. It is therefore recommended to add a SameSite attribute with an appropriate value of either "Strict", "Lax", or "None".

解决:

Cookie[] cookies = hreq.getCookies();
if (cookies != null){
	StringBuilder sb = new StringBuilder();
	for (Cookie cookie : cookies){
		sb.append(cookie.getName()).append("=").append(cookie.getValue()).append(";");
		sb.append("Path="+hreq.getContextPath());
		sb.append(";HttpOnly; SameSite=Lax");
		hresp.addHeader(HttpHeaders.SET_COOKIE,sb.toString());
	}
}

注意:要使用addHeader,否则
只解决最后一个cookie解决Cookie 具有缺失、不一致或矛盾属性_第1张图片

你可能感兴趣的:(java,前端,服务器)