Class SameSiteCookieHeaderFilter.SameSiteResponseProxy
java.lang.Object
javax.servlet.ServletResponseWrapper
javax.servlet.http.HttpServletResponseWrapper
net.shibboleth.utilities.java.support.net.SameSiteCookieHeaderFilter.SameSiteResponseProxy
- All Implemented Interfaces:
javax.servlet.http.HttpServletResponse
,javax.servlet.ServletResponse
- Enclosing class:
- SameSiteCookieHeaderFilter
private class SameSiteCookieHeaderFilter.SameSiteResponseProxy
extends javax.servlet.http.HttpServletResponseWrapper
An implementation of the
HttpServletResponse
which adds the same-site flag to Set-Cookie
headers for the set of configured cookies.-
Field Summary
Fields Modifier and Type Field Description private javax.servlet.http.HttpServletResponse
response
The response.Fields inherited from interface javax.servlet.http.HttpServletResponse
SC_ACCEPTED, SC_BAD_GATEWAY, SC_BAD_REQUEST, SC_CONFLICT, SC_CONTINUE, SC_CREATED, SC_EXPECTATION_FAILED, SC_FORBIDDEN, SC_FOUND, SC_GATEWAY_TIMEOUT, SC_GONE, SC_HTTP_VERSION_NOT_SUPPORTED, SC_INTERNAL_SERVER_ERROR, SC_LENGTH_REQUIRED, SC_METHOD_NOT_ALLOWED, SC_MOVED_PERMANENTLY, SC_MOVED_TEMPORARILY, SC_MULTIPLE_CHOICES, SC_NO_CONTENT, SC_NON_AUTHORITATIVE_INFORMATION, SC_NOT_ACCEPTABLE, SC_NOT_FOUND, SC_NOT_IMPLEMENTED, SC_NOT_MODIFIED, SC_OK, SC_PARTIAL_CONTENT, SC_PAYMENT_REQUIRED, SC_PRECONDITION_FAILED, SC_PROXY_AUTHENTICATION_REQUIRED, SC_REQUEST_ENTITY_TOO_LARGE, SC_REQUEST_TIMEOUT, SC_REQUEST_URI_TOO_LONG, SC_REQUESTED_RANGE_NOT_SATISFIABLE, SC_RESET_CONTENT, SC_SEE_OTHER, SC_SERVICE_UNAVAILABLE, SC_SWITCHING_PROTOCOLS, SC_TEMPORARY_REDIRECT, SC_UNAUTHORIZED, SC_UNSUPPORTED_MEDIA_TYPE, SC_USE_PROXY
-
Constructor Summary
Constructors Constructor Description SameSiteResponseProxy(javax.servlet.http.HttpServletResponse resp)
Constructor. -
Method Summary
Modifier and Type Method Description private void
appendSameSite()
Add the SameSite attribute to those cookies configured in thesameSiteCookies
map iff they do not already contain the same-site flag.private void
appendSameSiteAttribute(String cookieHeader, String sameSiteValue, boolean first)
Append the SameSite cookie attribute with the specified samesite-value to thecookieHeader
iff it does not already have one set.javax.servlet.ServletOutputStream
getOutputStream()
PrintWriter
getWriter()
void
sendError(int sc)
void
sendError(int sc, String msg)
void
sendRedirect(String location)
Methods inherited from class javax.servlet.http.HttpServletResponseWrapper
addCookie, addDateHeader, addHeader, addIntHeader, containsHeader, encodeRedirectUrl, encodeRedirectURL, encodeUrl, encodeURL, getHeader, getHeaderNames, getHeaders, getStatus, setDateHeader, setHeader, setIntHeader, setStatus, setStatus
Methods inherited from class javax.servlet.ServletResponseWrapper
flushBuffer, getBufferSize, getCharacterEncoding, getContentType, getLocale, getResponse, isCommitted, isWrapperFor, isWrapperFor, reset, resetBuffer, setBufferSize, setCharacterEncoding, setContentLength, setContentLengthLong, setContentType, setLocale, setResponse
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface javax.servlet.ServletResponse
flushBuffer, getBufferSize, getCharacterEncoding, getContentType, getLocale, isCommitted, reset, resetBuffer, setBufferSize, setCharacterEncoding, setContentLength, setContentLengthLong, setContentType, setLocale
-
Field Details
-
response
@Nonnull private final javax.servlet.http.HttpServletResponse responseThe response.
-
-
Constructor Details
-
SameSiteResponseProxy
public SameSiteResponseProxy(@Nonnull javax.servlet.http.HttpServletResponse resp)Constructor.- Parameters:
resp
- the response to delegate to
-
-
Method Details
-
sendError
- Specified by:
sendError
in interfacejavax.servlet.http.HttpServletResponse
- Overrides:
sendError
in classjavax.servlet.http.HttpServletResponseWrapper
- Throws:
IOException
-
getWriter
- Specified by:
getWriter
in interfacejavax.servlet.ServletResponse
- Overrides:
getWriter
in classjavax.servlet.ServletResponseWrapper
- Throws:
IOException
-
sendError
- Specified by:
sendError
in interfacejavax.servlet.http.HttpServletResponse
- Overrides:
sendError
in classjavax.servlet.http.HttpServletResponseWrapper
- Throws:
IOException
-
sendRedirect
- Specified by:
sendRedirect
in interfacejavax.servlet.http.HttpServletResponse
- Overrides:
sendRedirect
in classjavax.servlet.http.HttpServletResponseWrapper
- Throws:
IOException
-
getOutputStream
- Specified by:
getOutputStream
in interfacejavax.servlet.ServletResponse
- Overrides:
getOutputStream
in classjavax.servlet.ServletResponseWrapper
- Throws:
IOException
-
appendSameSite
private void appendSameSite()Add the SameSite attribute to those cookies configured in thesameSiteCookies
map iff they do not already contain the same-site flag. All other cookies are copied over to the response without modification. -
appendSameSiteAttribute
private void appendSameSiteAttribute(@Nonnull @NotEmpty String cookieHeader, @Nonnull @NotEmpty String sameSiteValue, @Nonnull boolean first)Append the SameSite cookie attribute with the specified samesite-value to thecookieHeader
iff it does not already have one set.- Parameters:
cookieHeader
- the cookie header valuesameSiteValue
- the SameSite attribute value e.g. None, Lax, or Strictfirst
- true iff this is the first Set-Cookie header
-