Package net.shibboleth.shared.spring.servlet.impl

Class SameSiteCookieHeaderFilter.SameSiteResponseProxy

java.lang.Object

jakarta.servlet.ServletResponseWrapper

jakarta.servlet.http.HttpServletResponseWrapper

net.shibboleth.shared.spring.servlet.impl.SameSiteCookieHeaderFilter.SameSiteResponseProxy

All Implemented Interfaces:

HttpServletResponse, ServletResponse

Enclosing class:

SameSiteCookieHeaderFilter

private class SameSiteCookieHeaderFilter.SameSiteResponseProxy
extends HttpServletResponseWrapper

An implementation of the HttpServletResponse which adds the same-site flag to Set-Cookie headers for the set of configured cookies.

Field Summary

Fields

Modifier and Type	Field	Description
private final HttpServletResponse	response	The response.

Fields inherited from interface jakarta.servlet.http.HttpServletResponse

SC_ACCEPTED, SC_BAD_GATEWAY, SC_BAD_REQUEST, SC_CONFLICT, SC_CONTINUE, SC_CREATED, SC_EXPECTATION_FAILED, SC_FORBIDDEN, SC_FOUND, SC_GATEWAY_TIMEOUT, SC_GONE, SC_HTTP_VERSION_NOT_SUPPORTED, SC_INTERNAL_SERVER_ERROR, SC_LENGTH_REQUIRED, SC_METHOD_NOT_ALLOWED, SC_MOVED_PERMANENTLY, SC_MOVED_TEMPORARILY, SC_MULTIPLE_CHOICES, SC_NO_CONTENT, SC_NON_AUTHORITATIVE_INFORMATION, SC_NOT_ACCEPTABLE, SC_NOT_FOUND, SC_NOT_IMPLEMENTED, SC_NOT_MODIFIED, SC_OK, SC_PARTIAL_CONTENT, SC_PAYMENT_REQUIRED, SC_PRECONDITION_FAILED, SC_PROXY_AUTHENTICATION_REQUIRED, SC_REQUEST_ENTITY_TOO_LARGE, SC_REQUEST_TIMEOUT, SC_REQUEST_URI_TOO_LONG, SC_REQUESTED_RANGE_NOT_SATISFIABLE, SC_RESET_CONTENT, SC_SEE_OTHER, SC_SERVICE_UNAVAILABLE, SC_SWITCHING_PROTOCOLS, SC_TEMPORARY_REDIRECT, SC_UNAUTHORIZED, SC_UNSUPPORTED_MEDIA_TYPE, SC_USE_PROXY

Constructor Summary

Constructors

Constructor	Description
SameSiteResponseProxy(HttpServletResponse resp)	Constructor.

Method Summary

Modifier and Type	Method	Description
private void	appendSameSite()	Add the SameSite attribute to those cookies configured in the sameSiteCookies map iff they do not already contain the same-site flag.
private void	appendSameSiteAttribute(String cookieHeader, String sameSiteValue, boolean first)	Append the SameSite cookie attribute with the specified samesite-value to the cookieHeader iff it does not already have one set.
ServletOutputStream	getOutputStream()
PrintWriter	getWriter()
void	sendError(int sc)
void	sendError(int sc, String msg)
void	sendRedirect(String location)

Methods inherited from class jakarta.servlet.http.HttpServletResponseWrapper

addCookie, addDateHeader, addHeader, addIntHeader, containsHeader, encodeRedirectURL, encodeURL, getHeader, getHeaderNames, getHeaders, getStatus, getTrailerFields, setDateHeader, setHeader, setIntHeader, setStatus, setTrailerFields

Methods inherited from class jakarta.servlet.ServletResponseWrapper

flushBuffer, getBufferSize, getCharacterEncoding, getContentType, getLocale, getResponse, isCommitted, isWrapperFor, isWrapperFor, reset, resetBuffer, setBufferSize, setCharacterEncoding, setContentLength, setContentLengthLong, setContentType, setLocale, setResponse

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface jakarta.servlet.ServletResponse

flushBuffer, getBufferSize, getCharacterEncoding, getContentType, getLocale, isCommitted, reset, resetBuffer, setBufferSize, setCharacterEncoding, setContentLength, setContentLengthLong, setContentType, setLocale

Field Details

response

@Nonnull
private final HttpServletResponse response

The response.

Constructor Details

SameSiteResponseProxy

public SameSiteResponseProxy(@Nonnull
 HttpServletResponse resp)

Constructor.

Parameters:

resp - the response to delegate to

Method Details

sendError

public void sendError(int sc)
               throws IOException

Specified by:

sendError in interface HttpServletResponse

Overrides:

sendError in class HttpServletResponseWrapper

Throws:

IOException

getWriter

public PrintWriter getWriter()
                      throws IOException

Specified by:

getWriter in interface ServletResponse

Overrides:

getWriter in class ServletResponseWrapper

Throws:

IOException

sendError

public void sendError(int sc,
 String msg)
               throws IOException

Specified by:

sendError in interface HttpServletResponse

Overrides:

sendError in class HttpServletResponseWrapper

Throws:

IOException

sendRedirect

public void sendRedirect(String location)
                  throws IOException

Specified by:

sendRedirect in interface HttpServletResponse

Overrides:

sendRedirect in class HttpServletResponseWrapper

Throws:

IOException

getOutputStream

public ServletOutputStream getOutputStream()
                                    throws IOException

Specified by:

getOutputStream in interface ServletResponse

Overrides:

getOutputStream in class ServletResponseWrapper

Throws:

IOException

appendSameSite

private void appendSameSite()

Add the SameSite attribute to those cookies configured in the sameSiteCookies map iff they do not already contain the same-site flag. All other cookies are copied over to the response without modification.

appendSameSiteAttribute

private void appendSameSiteAttribute(@Nonnull @NotEmpty
 String cookieHeader,
 @Nonnull @NotEmpty
 String sameSiteValue,
 boolean first)

Append the SameSite cookie attribute with the specified samesite-value to the cookieHeader iff it does not already have one set.

Parameters:

cookieHeader - the cookie header value

sameSiteValue - the SameSite attribute value e.g. None, Lax, or Strict

first - true iff this is the first Set-Cookie header