New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for configuring default `CookieSerializer` using `SessionCookieConfig` #713

Merged
merged 1 commit into from Jun 13, 2017

Conversation

Projects
None yet
2 participants
@vpavic
Member

vpavic commented Jan 15, 2017

This resolves #87.

The proposed solution doesn't map two attributes from SessionCookieConfig:

  • secure: DefaultCookieSerializer#useSecureCookie defaults to null and relies on ServletRequest#isSecure which means mapping a value from SessionCookieConfig would override our default (since secure is a primitive boolean over there and typically defaults to false)
  • httpOnly: DefaultCookieSerializer#useHttpOnlyCookie defaults to true in Servlet 3.0+ environments which means our default would be overridden in httpOnly typically defaults to false

Other than that integration tests in Boot based samples needed to be updated with explicit MockServletContext due to MockSessionCookieConfig#maxAge defaulting to 0 instead of -1. I've opened SPR-15142 to address that.

@vpavic

This comment has been minimized.

Show comment
Hide comment
@vpavic

vpavic Jan 16, 2017

Member

PR updated due to SPR-15142 being fixed in the master via spring-projects/spring-framework#1298.

Member

vpavic commented Jan 16, 2017

PR updated due to SPR-15142 being fixed in the master via spring-projects/spring-framework#1298.

@rwinch rwinch self-assigned this Jun 13, 2017

@rwinch rwinch added this to the 2.0.0.M2 milestone Jun 13, 2017

@rwinch rwinch added the duplicate label Jun 13, 2017

@vpavic vpavic merged commit 3c52298 into spring-projects:master Jun 13, 2017

2 checks passed

ci/pivotal-cla Thank you for signing the Contributor License Agreement!
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details

@vpavic vpavic deleted the vpavic:gh-87 branch Jun 13, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment