java spring unable to set setcookie header with flags Samesite="None" and secure flag simultaneuosly

Question

@Override
public void doFilter
    (
        ServletRequest request, 
        ServletResponse response, 
        FilterChain chain
    ) throws IOException, ServletException {

    HttpServletResponse resp = (HttpServletResponse)response;
    resp.setHeader("Set-Cookie", "local=de;HttpOnly; SameSite=None;);
    chain.doFilter(request, response);
}

when i set it resp.setHeader("Set-Cookie", "local=de;HttpOnly; SameSite=None;) -> chrome says "recieved a cookie with sameSite ="None" but not secure" when i add secure secure flag this way resp.setHeader("Set-Cookie", "local=de;HttpOnly; SameSite=None;Secure) -> chrome says "recieved cookie without SameSite attribute"

additonal information: im using spring boot with spring security runnig on a different server using ngrok tunnel . and testing with angular on another server on(localhost:4200) making htp calls. please help me fix this. i'm stuck since two days. when i add secure=true this way server.servlet.session.cookie.secure=true . chrome says samesite attribute not found

the complete code can be found here: github.com/bharatvarmagit/BookStore in userauth branch

I have the same problem. @venkata-n did you find a solution? — Anna Ira Hurnaus, Aug 27 '20 at 13:05
I couldn't find a workaround. So I switched to JWT authentication using jjwt.https://github.com/jwtk/jjwt — Venkata N, Aug 28 '20 at 16:35
a suggested solution from a same type question https://stackoverflow.com/a/64558083/4423695 — ThilankaD, Feb 04 '21 at 17:48

java spring unable to set setcookie header with flags Samesite="None" and secure flag simultaneuosly

0 Answers0