[undertow-dev] Same-Site Cookie Attribute
Sven Kubiak
sven at kubiak.me
Thu Mar 2 14:15:37 EST 2017
I have looked at the current Cookie Implementation in Undetow, and it seems like there is no support for the Same-Site Cookie Attribute.
See: https://scotthelme.co.uk/csrf-is-dead/
I'll be happy to create a pull request, if someone could point me to the right classes (and test cases) where the response headers for the cookies are being set.
Best regards,
Sven
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/undertow-dev/attachments/20170302/fe79a706/attachment.html
More information about the undertow-dev
mailing list