
Jakarta Cookie HttpOnly Serialization

The new specification represents the Cookie HttpOnly attribute as HttpOnly: "" rather than
HttpOnly: "true".

This updates the test to correspond to the new Servlet specification and
is a breaking change related to jakarta updates.
Rob Winch 3 mēneši atpakaļ
vecāks
revīzija
e5e962ef90

+ 1 - 1
web/src/main/java/org/springframework/security/web/jackson2/CookieDeserializer.java

@@ -52,7 +52,7 @@ class CookieDeserializer extends JsonDeserializer<Cookie> {
 		cookie.setVersion(readJsonNode(jsonNode, "version").asInt());
 		cookie.setPath(readJsonNode(jsonNode, "path").asText());
 		JsonNode attributes = readJsonNode(jsonNode, "attributes");
-		cookie.setHttpOnly(readJsonNode(attributes, "HttpOnly").asBoolean());
+		cookie.setHttpOnly(readJsonNode(attributes, "HttpOnly") != null);
 		return cookie;
 	}
 
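Review bot: The added check `readJsonNode(attributes, "HttpOnly") != null` may always be true. The context lines call `.asInt()` and `.asText()` directly on readJsonNode's result with no null guard, which suggests the helper (defined outside this hunk, as is the start of this method) returns a placeholder node rather than null when a field is absent. If that is the case, every deserialized cookie comes back with HttpOnly set, including cookies stored without the attribute, so the flag no longer round-trips faithfully. An explicit presence test on the map node avoids depending on the helper's contract, e.g. `cookie.setHttpOnly(attributes.has("HttpOnly"));`. The fixture changed in CookieMixinTests covers only the attribute-present case, so a second case without `HttpOnly` that asserts `isHttpOnly()` is false would pin the behaviour.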

+ 1 - 1
web/src/test/java/org/springframework/security/web/jackson2/CookieMixinTests.java

@@ -52,7 +52,7 @@ public class CookieMixinTests extends AbstractMixinTests {
 		"	\"@class\": \"jakarta.servlet.http.Cookie\"," +
 		"	\"name\": \"demo\"," +
 		"	\"value\": \"cookie1\"," +
-		"	\"attributes\":{\"@class\":\"java.util.Collections$UnmodifiableMap\", \"HttpOnly\": \"true\"}," +
+		"	\"attributes\":{\"@class\":\"java.util.Collections$UnmodifiableMap\", \"HttpOnly\": \"\"}," +
 		"	\"comment\": null," +
 		"	\"maxAge\": -1," +
 		"	\"path\": null," +