Google Git
Sign in
apache / shiro / b9973cbf8346f6b04bf1f5197ad91215c9d4e2a5
commitb9973cbf8346f6b04bf1f5197ad91215c9d4e2a5[log] [tgz]
authorFrederic Tregon <frederic.tregon@codingame.com>Thu Oct 01 11:11:53 2020 +0200
committerBrian Demers <bdemers@apache.org>Sat Oct 17 10:57:40 2020 -0400
treec82a2ab1019a3afae87932d42874cd818412971c
parentea680b427a9e4eabd9d795497372a6434e5a34c9 [diff]
deleteMe cookie should use the defined "sameSite"

With Chrome increasing security of cookies not defining any SameSite options, the deleteMe cookie may be blocked by Chrome under some circumstances.
For example, when an app is used within a cross-site iframe, one must defined the option SameSite=None option. This works for the main cookie, but the deleteMe is currently blocked. This commit fixes this.
1 file changed
tree: c82a2ab1019a3afae87932d42874cd818412971c
  1. all/
  2. cache/
  3. config/
  4. core/
  5. crypto/
  6. event/
  7. integration-tests/
  8. lang/
  9. samples/
  10. src/
  11. support/
  12. test-coverage/
  13. tools/
  14. web/
  15. .gitignore
  16. .travis.yml
  17. CONTRIBUTING.md
  18. Jenkinsfile
  19. Jenkinsfile-jdk11
  20. Jenkinsfile-jdk14
  21. LICENSE
  22. NOTICE
  23. pom.xml
  24. README
  25. README.md
  26. RELEASE-NOTES
  27. shiro.doap.rdf
README.md

Maven Central Build Status Jenkins tests

Apache Shiro

Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management. With Shiro’s easy-to-understand API, you can quickly and easily secure any application – from the smallest mobile applications to the largest web and enterprise applications.

Documentation and Examples

http://shiro.apache.org

Tutorials

License

Apache License, Version 2.0