Reputation: 2789
I am working on a quarkus project. I have built a REST API using RestEasy. I am setting a cookie back to the caller of this API like
return Response.ok("Alice").cookie(new NewCookie("jwt", newJwtCookie)).build();
I would like to set the samesite attribute as Strict. NewCookie doesnt yet support this. Is there some where to do this in Quarkus.
Upvotes: 1
Views: 2058
Reputation: 824
this is a manual option..
return Response.ok("Alice").header("Set-Cookie", "jwt="+newJwtCookie+"; SameSite=strict").build();
there is also a related flag quarkus.http.same-site-cookie.jwt.value=Strict
in application.properties.
Upvotes: 1