From c247dfea4fe0455a1208a52047cb7a3055c7d93c Mon Sep 17 00:00:00 2001
From: bflykky
Date: Sat, 3 Aug 2024 00:09:15 +0900
Subject: [PATCH] =?UTF-8?q?fix:=20SameSite=20=EC=86=8D=EC=84=B1=20?= =?UTF-8?q?=EC=82=AC=EC=9A=A9=EC=9D=84=20=EC=9C=84=ED=95=B4=20ResponseCook?= =?UTF-8?q?ie=20=EC=82=AC=EC=9A=A9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../global/security/util/CookieUtils.java | 21 +++++++++++--------
 1 file changed, 12 insertions(+), 9 deletions(-)
diff --git a/src/main/java/com/umc/naoman/global/security/util/CookieUtils.java b/src/main/java/com/umc/naoman/global/security/util/CookieUtils.java
index 3ca1634..39e9ae4 100644
--- a/src/main/java/com/umc/naoman/global/security/util/CookieUtils.java
+++ b/src/main/java/com/umc/naoman/global/security/util/CookieUtils.java
@@ -4,21 +4,24 @@
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import org.apache.commons.lang3.SerializationUtils;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.ResponseCookie;
 import org.springframework.web.util.WebUtils;
 import java.io.Serializable;
 import java.util.Base64;
 public class CookieUtils {
- public static void addCookie(HttpServletResponse response, String name, String value,
- int maxAge) {
- Cookie cookie = new Cookie(name, value);
- cookie.setPath("/");
- cookie.setMaxAge(maxAge);
- // HTTPS 적용 시 함께 적용
- cookie.setSecure(true);
- cookie.setHttpOnly(true);
- response.addCookie(cookie);
+ public static void addCookie(HttpServletResponse response, String name, String value, int maxAge) {
+ ResponseCookie cookie = ResponseCookie.from(name, value)
+ .path("/")
+ .maxAge(maxAge)
+ .httpOnly(true)
+ .secure(true)
+ .sameSite("None")
+ .build();
+
+ response.addHeader(HttpHeaders.SET_COOKIE, cookie.toString());
 }
 public static void deleteCookie(HttpServletRequest request, HttpServletResponse response,
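Review bot: `.sameSite("None")` is hard-coded in the shared `addCookie` helper, so every cookie set through it, including any that carry session or token state, is attached to all cross-site requests and loses the browser's SameSite CSRF mitigation. If only some cookies need cross-site delivery, take the policy as an argument (for example an overload `addCookie(response, name, value, maxAge, sameSite)` ending in `.sameSite(sameSite)`) and keep `"Lax"` as the default; endpoints that depend on the `None` cookies then need an explicit CSRF defense and a restrictive CORS origin list, neither of which is visible in this hunk. `deleteCookie` begins on the last line of the hunk and its body is outside it; it should expire cookies with the same `path`, `secure` and `sameSite` attributes, otherwise the removal may be ignored in the cross-site contexts this change targets. A short comment above the builder recording why `None` is required (presumably a front end served from a different site) would help the next reader.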