SameSite attribute for cookies change (#27)

* update

* mvn build success

* samesite attribute added

* .gitignore fix

* samesite test cases

* path changes

* for passing ci builds

* updated for travis ci build tests

commented oraclejdk9
added support for Java 12,13,14

* added openjdk9

* typo and readme update

Author: JevinMenezes

.classpath

@@ -10,6 +10,7 @@
 		<attributes>
 			<attribute name="optional" value="true"/>
 			<attribute name="maven.pomderived" value="true"/>
+			<attribute name="test" value="true"/>
 		</attributes>
 	</classpathentry>
 	<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
@@ -20,12 +21,30 @@
 	<classpathentry excluding="**" kind="src" output="target/test-classes" path="src/test/resources">
 		<attributes>
 			<attribute name="maven.pomderived" value="true"/>
+			<attribute name="test" value="true"/>
 		</attributes>
 	</classpathentry>
-	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.6">
+	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8">
 		<attributes>
 			<attribute name="maven.pomderived" value="true"/>
 		</attributes>
 	</classpathentry>
+	<classpathentry kind="src" path="target/generated-sources/annotations">
+		<attributes>
+			<attribute name="optional" value="true"/>
+			<attribute name="maven.pomderived" value="true"/>
+			<attribute name="ignore_optional_problems" value="true"/>
+			<attribute name="m2e-apt" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="src" output="target/test-classes" path="target/generated-test-sources/test-annotations">
+		<attributes>
+			<attribute name="optional" value="true"/>
+			<attribute name="maven.pomderived" value="true"/>
+			<attribute name="ignore_optional_problems" value="true"/>
+			<attribute name="m2e-apt" value="true"/>
+			<attribute name="test" value="true"/>
+		</attributes>
+	</classpathentry>
 	<classpathentry kind="output" path="target/classes"/>
 </classpath>

.gitignore

@@ -5,4 +5,5 @@
 /release.properties
 /pom.xml.releaseBackup
 *.iml
-.idea
+.idea
+.vscode

.settings/org.eclipse.jdt.apt.core.prefs

@@ -0,0 +1,2 @@
+eclipse.preferences.version=1
+org.eclipse.jdt.apt.aptEnabled=false

.settings/org.eclipse.jdt.core.prefs

@@ -1,8 +1,12 @@
 eclipse.preferences.version=1
 org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
-org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.7
-org.eclipse.jdt.core.compiler.compliance=1.7
+org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.8
+org.eclipse.jdt.core.compiler.compliance=1.8
 org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
+org.eclipse.jdt.core.compiler.problem.enablePreviewFeatures=disabled
 org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
 org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning
-org.eclipse.jdt.core.compiler.source=1.7
+org.eclipse.jdt.core.compiler.problem.reportPreviewFeatures=ignore
+org.eclipse.jdt.core.compiler.processAnnotations=disabled
+org.eclipse.jdt.core.compiler.release=disabled
+org.eclipse.jdt.core.compiler.source=1.8

.settings/org.eclipse.wst.common.project.facet.core.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <faceted-project>
-  <installed facet="java" version="1.7"/>
+  <installed facet="java" version="1.8"/>
   <installed facet="jboss.m2" version="1.0"/>
 </faceted-project>

.travis.yml

@@ -1,9 +1,16 @@
 language: java
 
 jdk:
-  - oraclejdk8
-  - oraclejdk9
+#  - oraclejdk8
+#  - oraclejdk9
   - oraclejdk11
+  - oraclejdk12
+  - oraclejdk13
+  - oraclejdk14
   - openjdk8
+  - openjdk9
   - openjdk10
-  - openjdk11
+  - openjdk11
+  - openjdk12
+  - openjdk13
+  - openjdk14

README.md

@@ -236,6 +236,22 @@ cookies.get( "name" ); // => "value"
 cookies.remove( "name", httpOnlyCookie );
 ```
 
+### sameSite
+
+Define whether your cookie should be restricted to a first party or same-site context
+
+**Default:** not set
+
+Note that more recent browsers are making "Lax" the default value even without specifiying anything here.
+
+**Examples:**
+
+```java
+Cookies cookies = Cookies.initFromServlet( request, response );
+cookies.set( "name", "value", Attributes.empty().sameSite( "Lax" ) );
+cookies.get( "name" ); // => "value"
+```
+
 ## Converter
 
 Create a new instance of the api that overrides the default decoding implementation.  

pom.xml

@@ -10,9 +10,10 @@
   <properties>
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
     <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
-    <selenium.version>3.141.59</selenium.version>
-    <wildfly.version>15.0.1.Final</wildfly.version>
+    <selenium.version>2.45.0</selenium.version>
+    <wildfly.version>20.0.1.Final</wildfly.version>
     <project.scm.id>java-cookie-scm</project.scm.id>
+    <java.version>1.8</java.version>
   </properties>
   <licenses>
     <license>
@@ -45,16 +46,16 @@
     <plugins>
       <plugin>
         <artifactId>maven-compiler-plugin</artifactId>
-        <version>3.1</version>
+        <version>3.8.1</version>
         <configuration>
-          <source>1.6</source>
-          <target>1.6</target>
+          <source>${java.version}</source>
+          <target>${java.version}</target>
         </configuration>
       </plugin>
       <plugin>
         <groupId>org.apache.maven.plugins</groupId>
         <artifactId>maven-release-plugin</artifactId>
-        <version>2.5.2</version>
+        <version>3.0.0-M1</version>
         <configuration>
           <useReleaseProfile>false</useReleaseProfile>
           <releaseProfiles>release</releaseProfiles>
@@ -69,8 +70,8 @@
       <dependency>
         <groupId>org.jboss.arquillian</groupId>
         <artifactId>arquillian-bom</artifactId>
-        <version>1.4.1.Final</version>
-        <scope>import</scope>
+        <version>1.6.0.Final</version>
+        <scope>test</scope>
         <type>pom</type>
       </dependency>
     </dependencies>
@@ -85,12 +86,12 @@
     <dependency>
       <groupId>joda-time</groupId>
       <artifactId>joda-time</artifactId>
-      <version>2.10.1</version>
+      <version>2.10.6</version>
     </dependency>
     <dependency>
       <groupId>com.fasterxml.jackson.core</groupId>
       <artifactId>jackson-databind</artifactId>
-      <version>2.9.8</version>
+      <version>2.11.2</version>
     </dependency>
     <dependency>
       <groupId>junit</groupId>
@@ -119,43 +120,43 @@
     <dependency>
       <groupId>org.jboss.arquillian.protocol</groupId>
       <artifactId>arquillian-protocol-servlet</artifactId>
-      <version>1.4.1.Final</version>
+      <version>1.6.0.Final</version>
       <scope>test</scope>
     </dependency>
     <dependency>
       <groupId>org.jboss.arquillian.junit</groupId>
       <artifactId>arquillian-junit-container</artifactId>
-      <version>1.4.1.Final</version>
+      <version>1.6.0.Final</version>
       <scope>test</scope>
     </dependency>
     <dependency>
       <groupId>org.wildfly.arquillian</groupId>
       <artifactId>wildfly-arquillian-container-managed</artifactId>
-      <version>2.1.1.Final</version>
+      <version>2.2.0.Final</version>
       <scope>test</scope>
     </dependency>
     <dependency>
       <groupId>org.jboss.shrinkwrap.resolver</groupId>
       <artifactId>shrinkwrap-resolver-impl-maven</artifactId>
-      <version>3.1.3</version>
+      <version>3.1.4</version>
       <scope>test</scope>
     </dependency>
     <dependency>
       <groupId>org.jboss.shrinkwrap.resolver</groupId>
       <artifactId>shrinkwrap-resolver-spi</artifactId>
-      <version>3.1.3</version>
+      <version>3.1.4</version>
       <scope>test</scope>
     </dependency>
     <dependency>
       <groupId>org.apache.httpcomponents</groupId>
       <artifactId>httpclient</artifactId>
-      <version>4.5.7</version>
+      <version>4.5.12</version>
       <scope>test</scope>
     </dependency>
     <dependency>
       <groupId>org.apache.httpcomponents</groupId>
       <artifactId>fluent-hc</artifactId>
-      <version>4.5.7</version>
+      <version>4.5.12</version>
       <scope>test</scope>
     </dependency>
   </dependencies>
@@ -192,9 +193,9 @@
             </executions>
           </plugin>
           <plugin>
-            <groupId>org.codehaus.mojo</groupId>
-            <artifactId>failsafe-maven-plugin</artifactId>
-            <version>2.4.3-alpha-1</version>
+            <groupId>org.apache.maven.plugins</groupId>
+            <artifactId>maven-failsafe-plugin</artifactId>
+            <version>2.22.2</version>
             <executions>
               <execution>
                 <goals>
@@ -207,7 +208,7 @@
           <plugin>
             <groupId>com.github.eirslett</groupId>
             <artifactId>frontend-maven-plugin</artifactId>
-            <version>1.5</version>
+            <version>1.10.0</version>
             <executions>
               <execution>
                 <id>install node and npm</id>
@@ -262,7 +263,7 @@
           <plugin>
             <groupId>org.apache.maven.plugins</groupId>
             <artifactId>maven-javadoc-plugin</artifactId>
-            <version>3.0.1</version>
+            <version>3.2.0</version>
             <executions>
               <execution>
                 <id>attach-javadocs</id>
@@ -275,7 +276,7 @@
           <plugin>
             <groupId>org.apache.maven.plugins</groupId>
             <artifactId>maven-source-plugin</artifactId>
-            <version>3.0.1</version>
+            <version>3.2.1</version>
             <executions>
               <execution>
                 <id>attach-sources</id>

src/main/java/com/github/jscookie/javacookie/AttributesDefinition.java

@@ -11,4 +11,6 @@ public abstract class AttributesDefinition {
 	abstract Boolean secure();
 	public abstract AttributesDefinition httpOnly( Boolean httpOnly );
 	abstract Boolean httpOnly();
+	public abstract AttributesDefinition sameSite( String sameSite );
+	abstract String sameSite();
 }

src/main/java/com/github/jscookie/javacookie/Cookies.java

@@ -147,6 +147,11 @@ public synchronized void set( String name, String value, AttributesDefinition at
 			header.append( "; HttpOnly" );
 		}
 
+		String sameSite = attributes.sameSite();
+		if ( sameSite != null ) {
+			header.append( "; SameSite=" + sameSite );
+		}
+
 		if ( response.isCommitted() ) {
 			return;
 		}
@@ -416,6 +421,7 @@ public static class Attributes extends AttributesDefinition {
 		private String domain;
 		private Boolean secure;
 		private Boolean httpOnly;
+		private String sameSite;
 
 		private Attributes() {}
 
@@ -473,6 +479,16 @@ public Attributes httpOnly( Boolean httpOnly ) {
 			return this;
 		}
 
+		@Override
+		String sameSite() {
+			return sameSite;
+		}
+		@Override
+		public Attributes sameSite( String sameSite ) {
+			this.sameSite = sameSite;
+			return this;
+		}
+
 		private Attributes merge( AttributesDefinition reference ) {
 			if ( reference.path() != null ) {
 				path = reference.path();
@@ -489,6 +505,9 @@ private Attributes merge( AttributesDefinition reference ) {
 			if ( reference.httpOnly() != null ) {
 				httpOnly = reference.httpOnly();
 			}
+			if ( reference.sameSite() != null ) {
+				sameSite = reference.sameSite();
+			}
 			return this;
 		}
 	}