Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-05-31 09:12:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

Jakarta Cookie HttpOnly Serialization

Browse Source 
The new specification represents Cookie attribute using HttpOnly: "" vs
HttpOnly: "true".

This updates the test to correspond to the new Servlet specification and
is a breaking change related to jakarta updates.
This commit is contained in:
Rob Winch 2025-05-06 11:41:59 -05:00
parent 0e2d864b09
commit e5e962ef90
No known key found for this signature in database
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
web/src/main/java/org/springframework/security/web/jackson2/CookieDeserializer.java
View File

@ -52,7 +52,7 @@ class CookieDeserializer extends JsonDeserializer<Cookie> {
cookie.setVersion(readJsonNode(jsonNode, "version").asInt());
cookie.setPath(readJsonNode(jsonNode, "path").asText());
JsonNode attributes = readJsonNode(jsonNode, "attributes");
cookie.setHttpOnly(readJsonNode(attributes, "HttpOnly").asBoolean());
cookie.setHttpOnly(readJsonNode(attributes, "HttpOnly") != null);
return cookie;
}

2
web/src/test/java/org/springframework/security/web/jackson2/CookieMixinTests.java
View File

@ -52,7 +52,7 @@ public class CookieMixinTests extends AbstractMixinTests {
" \"@class\": \"jakarta.servlet.http.Cookie\"," +
" \"name\": \"demo\"," +
" \"value\": \"cookie1\"," +
" \"attributes\":{\"@class\":\"java.util.Collections$UnmodifiableMap\", \"HttpOnly\": \"true\"}," +
" \"attributes\":{\"@class\":\"java.util.Collections$UnmodifiableMap\", \"HttpOnly\": \"\"}," +
" \"comment\": null," +
" \"maxAge\": -1," +
" \"path\": null," +