Enum Class ResponseCookie.SameSite

java.lang.Object
java.lang.Enum<ResponseCookie.SameSite>
com.soklet.core.ResponseCookie.SameSite
All Implemented Interfaces:
Serializable, Comparable<ResponseCookie.SameSite>, Constable
Enclosing class:
ResponseCookie

Values which control whether or not a response cookie is sent with cross-site requests, providing some protection against cross-site request forgery (CSRF) attacks.

See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#samesitesamesite-value for details.

Author:
Mark Allen
  • Enum Constant Details

    • STRICT

      public static final ResponseCookie.SameSite STRICT
      Means that the browser sends the cookie only for same-site requests, that is, requests originating from the same site that set the cookie. If a request originates from a different domain, or from a different scheme even on the same domain, no cookies with the SameSite=Strict attribute are sent.
    • LAX

      public static final ResponseCookie.SameSite LAX
      Means that the cookie is not sent on cross-site requests, such as on requests to load images or frames, but is sent when a user is navigating to the origin site from an external site (for example, when following a link). This is the default behavior if the SameSite attribute is not specified.
    • NONE

      public static final ResponseCookie.SameSite NONE
      Means that the browser sends the cookie with both cross-site and same-site requests. The Secure attribute must also be set when setting this value, like so: SameSite=None; Secure. If Secure is missing, an error will be logged.
  • Method Details

    • values

      public static ResponseCookie.SameSite[] values()
      Returns an array containing the constants of this enum class, in the order they are declared.
      Returns:
      an array containing the constants of this enum class, in the order they are declared
    • valueOf

      public static ResponseCookie.SameSite valueOf(String name)
      Returns the enum constant of this class with the specified name. The string must match exactly an identifier used to declare an enum constant in this class. (Extraneous whitespace characters are not permitted.)
      Parameters:
      name - the name of the enum constant to be returned.
      Returns:
      the enum constant with the specified name
      Throws:
      IllegalArgumentException - if this enum class has no constant with the specified name
      NullPointerException - if the argument is null
    • fromHeaderRepresentation

      Returns the ResponseCookie.SameSite enum value that matches the corresponding SameSite response header value representation (one of Strict, Lax, or None - case-insensitive).
      Parameters:
      headerRepresentation - a case-insensitive HTTP header value - one of Strict, Lax, or None
      Returns:
      the enum value that corresponds to the given header representation, or Optional.empty() if none matches
    • getHeaderRepresentation

      The HTTP header value that corresponds to this enum value - one of Strict, Lax, or None.
      Returns:
      the HTTP header value for this enum
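
The SameSite=None; Secure requirement and the case-insensitive header mapping described above, applied as a check over Set-Cookie values. This is an added example, not part of Soklet or its documentation: the nested SameSite enum, fromHeader and audit are hypothetical stand-ins written for this illustration, and the sample headers are constructed.

```java
import java.util.*;

public class SameSiteAudit {
    // Local stand-in mirroring the documented constants; NOT Soklet's own class.
    enum SameSite {
        STRICT("Strict"), LAX("Lax"), NONE("None");
        final String header;
        SameSite(String header) { this.header = header; }

        // Case-insensitive lookup; empty when nothing matches.
        static Optional<SameSite> fromHeader(String value) {
            return Arrays.stream(values())
                .filter(s -> s.header.equalsIgnoreCase(value.trim()))
                .findFirst();
        }
    }

    // Returns findings for one Set-Cookie header value (empty list = nothing flagged).
    static List<String> audit(String setCookie) {
        String[] parts = setCookie.split(";");
        boolean secure = false;
        String sameSiteRaw = null;
        for (int i = 1; i < parts.length; i++) { // parts[0] is name=value
            String attr = parts[i].trim();
            if (attr.equalsIgnoreCase("Secure")) secure = true;
            else if (attr.regionMatches(true, 0, "SameSite=", 0, 9))
                sameSiteRaw = attr.substring(9);
        }
        if (sameSiteRaw == null)
            return List.of("no SameSite attribute; browser default applies");
        Optional<SameSite> parsed = SameSite.fromHeader(sameSiteRaw);
        if (parsed.isEmpty())
            return List.of("unrecognized SameSite value: " + sameSiteRaw.trim());
        if (parsed.get() == SameSite.NONE && !secure)
            return List.of("SameSite=None without Secure");
        return List.of();
    }

    public static void main(String[] args) {
        String[] samples = { // constructed Set-Cookie values
            "sid=abc; Path=/; Secure; HttpOnly; SameSite=strict",
            "track=1; SameSite=None",
            "pref=dark; Path=/",
            "x=1; SameSite=Loose; Secure"
        };
        for (String s : samples)
            System.out.println(s + " -> " + audit(s));
    }
}
```

Running such a check against captured response headers in a test suite catches a SameSite=None cookie that lost its Secure attribute before a browser silently rejects it.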