From 62ba05aa97fe96912e12dfdea470cc08813c3171 Mon Sep 17 00:00:00 2001 From: IN40068837 Date: Wed, 12 Mar 2025 20:25:38 +0530 Subject: [PATCH 1/2] sameSite strict for production change --- src/main/java/com/iemr/common/utils/CookieUtil.java | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/main/java/com/iemr/common/utils/CookieUtil.java b/src/main/java/com/iemr/common/utils/CookieUtil.java index 8c0a0b76..678f639c 100644 --- a/src/main/java/com/iemr/common/utils/CookieUtil.java +++ b/src/main/java/com/iemr/common/utils/CookieUtil.java @@ -3,6 +3,7 @@ import java.util.Arrays; import java.util.Optional; +import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Service; import jakarta.servlet.http.Cookie; @@ -11,6 +12,9 @@ @Service public class CookieUtil { + + @Value("${isProduction}") + private Boolean isProduction; public Optional getCookieValue(HttpServletRequest request, String cookieName) { Cookie[] cookies = request.getCookies(); @@ -39,6 +43,9 @@ public void addJwtTokenToCookie(String Jwttoken, HttpServletResponse response, H // Set the SameSite attribute for cross-site request handling (if needed) String sameSite = "None"; // Allow cross-site cookies (can be 'Strict', 'Lax', or 'None') + if(isProduction) { + sameSite= "Strict"; + } cookie.setSecure(true); // Build the Set-Cookie header manually (to add SameSite attribute support) From d2f46296d35b5176a2cd6dfa0b3cc079042073bb Mon Sep 17 00:00:00 2001 From: IN40068837 Date: Mon, 17 Mar 2025 15:19:28 +0530 Subject: [PATCH 2/2] environment property added for isproduction --- src/main/environment/common_ci.properties | 1 + src/main/environment/common_dev.properties | 1 + src/main/environment/common_example.properties | 2 +- src/main/environment/common_test.properties | 1 + src/main/environment/common_uat.properties | 1 + 5 files changed, 5 insertions(+), 1 deletion(-) diff --git a/src/main/environment/common_ci.properties b/src/main/environment/common_ci.properties index abf01fd6..01ce7abe 100644 --- a/src/main/environment/common_ci.properties +++ b/src/main/environment/common_ci.properties @@ -161,5 +161,6 @@ springdoc.api-docs.enabled=false springdoc.swagger-ui.enabled=false grievanceAllocationRetryConfiguration=1 +isProduction=false diff --git a/src/main/environment/common_dev.properties b/src/main/environment/common_dev.properties index ee25f9c9..6d9c6059 100644 --- a/src/main/environment/common_dev.properties +++ b/src/main/environment/common_dev.properties @@ -187,3 +187,4 @@ springdoc.api-docs.enabled=true springdoc.swagger-ui.enabled=true grievanceAllocationRetryConfiguration=1 +isProduction=false diff --git a/src/main/environment/common_example.properties b/src/main/environment/common_example.properties index 1c752ac1..18ef7433 100644 --- a/src/main/environment/common_example.properties +++ b/src/main/environment/common_example.properties @@ -187,6 +187,6 @@ springdoc.api-docs.enabled=true springdoc.swagger-ui.enabled=true grievanceAllocationRetryConfiguration=1 - +isProduction=false diff --git a/src/main/environment/common_test.properties b/src/main/environment/common_test.properties index fd3de195..b0392cfa 100644 --- a/src/main/environment/common_test.properties +++ b/src/main/environment/common_test.properties @@ -189,3 +189,4 @@ springdoc.api-docs.enabled=true springdoc.swagger-ui.enabled=true grievanceAllocationRetryConfiguration=1 +isProduction=false diff --git a/src/main/environment/common_uat.properties b/src/main/environment/common_uat.properties index d0914520..fc097c86 100644 --- a/src/main/environment/common_uat.properties +++ b/src/main/environment/common_uat.properties @@ -160,3 +160,4 @@ springdoc.api-docs.enabled=true springdoc.swagger-ui.enabled=true grievanceAllocationRetryConfiguration=1 +isProduction=false