From 64195344b56ae87f17df21370312e749f37a69a0 Mon Sep 17 00:00:00 2001 From: TSUJIGUCHI Takaya Date: Thu, 23 Jan 2020 14:05:12 +0900 Subject: [PATCH] Add support for SameSite cookies --- .../commons/ui/common/util/CookieHelper.js | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/forgerock-ui-commons/src/main/js/org/forgerock/commons/ui/common/util/CookieHelper.js b/forgerock-ui-commons/src/main/js/org/forgerock/commons/ui/common/util/CookieHelper.js index deeb2a21..e9b536a0 100644 --- a/forgerock-ui-commons/src/main/js/org/forgerock/commons/ui/common/util/CookieHelper.js +++ b/forgerock-ui-commons/src/main/js/org/forgerock/commons/ui/common/util/CookieHelper.js @@ -12,6 +12,7 @@ * information: "Portions copyright [year] [name of copyright owner]". * * Copyright 2011-2016 ForgeRock AS. + * Portions copyright 2020 Open Source Solution Technology Corporation */ define([ @@ -31,22 +32,25 @@ define([ * @param {String} [path] - cookie path. * @param {String|String[]} [domain] - cookie domain(s). * @param {Boolean} [secure] - is cookie secure. + * @param {String} [samesite] - cookie samesite. * @returns {String} created cookie. */ - obj.createCookie = function (name, value, expirationDate, path, domain, secure) { + obj.createCookie = function (name, value, expirationDate, path, domain, secure, samesite) { var expirationDatePart, nameValuePart, pathPart, domainPart, - securePart; + securePart, + samesitePart; expirationDatePart = expirationDate ? ";expires=" + expirationDate.toGMTString() : ""; nameValuePart = name + "=" + value; pathPart = path ? ";path=" + path : ""; domainPart = domain ? ";domain=" + domain : ""; securePart = secure ? ";secure" : ""; + samesitePart = samesite ? "; SameSite=" + samesite : ""; - return nameValuePart + expirationDatePart + pathPart + domainPart + securePart; + return nameValuePart + expirationDatePart + pathPart + domainPart + securePart + samesitePart; }; /** @@ -57,17 +61,18 @@ define([ * @param {String} [path] - cookie path. * @param {String|String[]} [domain] - cookie domain(s). Use empty array for creating host-only cookies. * @param {Boolean} [secure] - is cookie secure. + * @param {String} [samesite] - cookie samesite. */ - obj.setCookie = function (name, value, expirationDate, path, domains, secure) { + obj.setCookie = function (name, value, expirationDate, path, domains, secure, samesite) { if (!_.isArray(domains)) { domains = [domains]; } if (domains.length === 0) { - document.cookie = obj.createCookie(name, value, expirationDate, path, undefined, secure); + document.cookie = obj.createCookie(name, value, expirationDate, path, undefined, secure, samesite); } else { _.each(domains, function(domain) { - document.cookie = obj.createCookie(name, value, expirationDate, path, domain, secure); + document.cookie = obj.createCookie(name, value, expirationDate, path, domain, secure, samesite); }); } };