aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/org
diff options
context:
space:
mode:
authorAnton Tananaev <anton.tananaev@gmail.com>2020-09-05 15:52:45 -0700
committerAnton Tananaev <anton.tananaev@gmail.com>2020-09-05 15:52:45 -0700
commit03bd0f0d0945a80f5af19d06d37ff31a52d294ed (patch)
tree0412bafe5f785c2bba32730d0a8d7488558fd70d /src/main/java/org
parent0fbfe5160af67440c495ee1589b435a82e136e10 (diff)
downloadtrackermap-server-03bd0f0d0945a80f5af19d06d37ff31a52d294ed.tar.gz
trackermap-server-03bd0f0d0945a80f5af19d06d37ff31a52d294ed.tar.bz2
trackermap-server-03bd0f0d0945a80f5af19d06d37ff31a52d294ed.zip
Update SameSite configuration
Diffstat (limited to 'src/main/java/org')
-rw-r--r--src/main/java/org/traccar/config/Keys.java10
-rw-r--r--src/main/java/org/traccar/web/WebServer.java35
2 files changed, 32 insertions, 13 deletions
diff --git a/src/main/java/org/traccar/config/Keys.java b/src/main/java/org/traccar/config/Keys.java
index fd126a5c4..cd80e68c4 100644
--- a/src/main/java/org/traccar/config/Keys.java
+++ b/src/main/java/org/traccar/config/Keys.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2019 Anton Tananaev (anton@traccar.org)
+ * Copyright 2019 - 2020 Anton Tananaev (anton@traccar.org)
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -430,11 +430,11 @@ public final class Keys {
"web.disableHealthCheck", Boolean.class);
/**
- * Fixes Chrome SameSite Cookie problem, only works on https
- * More info here https://wiki.shibboleth.net/confluence/display/DEV/Tomcat+and+Jetty+SameSite+Workarounds
+ * Sets SameSite cookie attribute value.
+ * Supported options: Lax, Strict, None.
*/
- public static final ConfigKey WEB_SAME_SITE_COOKIE_NONE = new ConfigKey(
- "web.sameSiteCookie.enable", Boolean.class);
+ public static final ConfigKey WEB_SAME_SITE_COOKIE = new ConfigKey(
+ "web.sameSiteCookie", String.class);
private Keys() {
}
diff --git a/src/main/java/org/traccar/web/WebServer.java b/src/main/java/org/traccar/web/WebServer.java
index 3f2a24815..44d78cd27 100644
--- a/src/main/java/org/traccar/web/WebServer.java
+++ b/src/main/java/org/traccar/web/WebServer.java
@@ -15,6 +15,7 @@
*/
package org.traccar.web;
+import org.eclipse.jetty.http.HttpCookie;
import org.eclipse.jetty.http.HttpMethod;
import org.eclipse.jetty.http.HttpStatus;
import org.eclipse.jetty.proxy.AsyncProxyServlet;
@@ -45,6 +46,7 @@ import org.traccar.config.Keys;
import javax.servlet.DispatcherType;
import javax.servlet.ServletException;
+import javax.servlet.SessionCookieConfig;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.File;
@@ -76,12 +78,8 @@ public class WebServer {
ServletContextHandler servletHandler = new ServletContextHandler(ServletContextHandler.SESSIONS);
- int sessionTimeout = config.getInteger("web.sessionTimeout");
- if (sessionTimeout > 0) {
- servletHandler.getSessionHandler().setMaxInactiveInterval(sessionTimeout);
- }
-
initApi(config, servletHandler);
+ initSessionConfig(config, servletHandler);
if (config.getBoolean("web.console")) {
servletHandler.addServlet(new ServletHolder(new ConsoleServlet()), "/console/*");
@@ -167,10 +165,31 @@ public class WebServer {
SecurityRequestFilter.class, CorsResponseFilter.class, DateParameterConverterProvider.class);
resourceConfig.packages(ServerResource.class.getPackage().getName());
servletHandler.addServlet(new ServletHolder(new ServletContainer(resourceConfig)), "/api/*");
+ }
- if (config.getBoolean(Keys.WEB_SAME_SITE_COOKIE_NONE)) {
- servletHandler.getServletContext().getSessionCookieConfig().setSecure(true);
- servletHandler.getServletContext().getSessionCookieConfig().setComment("__SAME_SITE_NONE__");
+ private void initSessionConfig(Config config, ServletContextHandler servletHandler) {
+ int sessionTimeout = config.getInteger("web.sessionTimeout");
+ if (sessionTimeout > 0) {
+ servletHandler.getSessionHandler().setMaxInactiveInterval(sessionTimeout);
+ }
+
+ String sameSiteCookie = config.getString(Keys.WEB_SAME_SITE_COOKIE);
+ if (sameSiteCookie != null) {
+ SessionCookieConfig sessionCookieConfig = servletHandler.getServletContext().getSessionCookieConfig();
+ switch (sameSiteCookie.toLowerCase()) {
+ case "lax":
+ sessionCookieConfig.setComment(HttpCookie.SAME_SITE_LAX_COMMENT);
+ break;
+ case "strict":
+ sessionCookieConfig.setComment(HttpCookie.SAME_SITE_STRICT_COMMENT);
+ break;
+ case "none":
+ sessionCookieConfig.setSecure(true);
+ sessionCookieConfig.setComment(HttpCookie.SAME_SITE_NONE_COMMENT);
+ break;
+ default:
+ break;
+ }
}
}