Package org.apache.shiro.web.servlet
Enum Cookie.SameSiteOptions
- java.lang.Object
-
- java.lang.Enum<Cookie.SameSiteOptions>
-
- org.apache.shiro.web.servlet.Cookie.SameSiteOptions
-
- All Implemented Interfaces:
Serializable
,Comparable<Cookie.SameSiteOptions>
- Enclosing interface:
- Cookie
public static enum Cookie.SameSiteOptions extends Enum<Cookie.SameSiteOptions>
The SameSite attribute of the Set-Cookie HTTP response header allows you to declare if your cookie should be restricted to a first-party or same-site context.
-
-
Enum Constant Summary
Enum Constants Enum Constant Description LAX
Cookies are allowed to be sent with top-level navigations and will be sent along with GET requests initiated by third party website.NONE
Cookies will be sent in all contexts, i.e sending cross-origin is allowed.STRICT
Cookies will only be sent in a first-party context and not be sent along with requests initiated by third party websites.
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static Cookie.SameSiteOptions
valueOf(String name)
Returns the enum constant of this type with the specified name.static Cookie.SameSiteOptions[]
values()
Returns an array containing the constants of this enum type, in the order they are declared.
-
-
-
Enum Constant Detail
-
NONE
public static final Cookie.SameSiteOptions NONE
Cookies will be sent in all contexts, i.e sending cross-origin is allowed.None used to be the default value, but recent browser versions made Lax the default value to have reasonably robust defense against some classes of cross-site request forgery (CSRF) attacks.
None requires the Secure attribute in latest browser versions. See below for more information.
-
LAX
public static final Cookie.SameSiteOptions LAX
Cookies are allowed to be sent with top-level navigations and will be sent along with GET requests initiated by third party website. This is the default value in modern browsers as of 2020.
-
STRICT
public static final Cookie.SameSiteOptions STRICT
Cookies will only be sent in a first-party context and not be sent along with requests initiated by third party websites.
-
-
Method Detail
-
values
public static Cookie.SameSiteOptions[] values()
Returns an array containing the constants of this enum type, in the order they are declared. This method may be used to iterate over the constants as follows:for (Cookie.SameSiteOptions c : Cookie.SameSiteOptions.values()) System.out.println(c);
- Returns:
- an array containing the constants of this enum type, in the order they are declared
-
valueOf
public static Cookie.SameSiteOptions valueOf(String name)
Returns the enum constant of this type with the specified name. The string must match exactly an identifier used to declare an enum constant in this type. (Extraneous whitespace characters are not permitted.)- Parameters:
name
- the name of the enum constant to be returned.- Returns:
- the enum constant with the specified name
- Throws:
IllegalArgumentException
- if this enum type has no constant with the specified nameNullPointerException
- if the argument is null
-
-