[jira] [Commented] (WICKET-7089) Set cookie SameSite only if the container supports it

Wed, 06 Dec 2023 04:30:36 -0800 


    [ 
https://issues.apache.org/jira/browse/WICKET-7089?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17793678#comment-17793678
 ] 

ASF subversion and git services commented on WICKET-7089:
---------------------------------------------------------

Commit a68536eb095bb5cf59e4063b6af9436523ddc623 in wicket's branch 
refs/heads/master from Martin Tzvetanov Grigorov
[ https://gitbox.apache.org/repos/asf?p=wicket.git;h=a68536eb09 ]

WICKET-7089: Set cookie SameSite only if the container supports it

Signed-off-by: Martin Tzvetanov Grigorov <mgrigo...@apache.org>


> Set cookie SameSite only if the container supports it
> -----------------------------------------------------
>
>                 Key: WICKET-7089
>                 URL: https://issues.apache.org/jira/browse/WICKET-7089
>             Project: Wicket
>          Issue Type: Sub-task
>          Components: wicket
>    Affects Versions: 10.0.0-M2
>            Reporter: Martin Tzvetanov Grigorov
>            Assignee: Martin Tzvetanov Grigorov
>            Priority: Major
>
> [https://lists.apache.org/thread/nwnhygmwoodbmx8f5j0rtm5wgy21p5kr]
>  
> {code:java}
> Hi,
> in parent pom.xml you are referencing
> <jakarta.servlet-api.version>6.0.0</jakarta.servlet-api.version>
> but here you state that Servlet 5+ is required:
> https://cwiki.apache.org/confluence/display/WICKET/Migration+to+Wicket+10.0#MigrationtoWicket10.0-Wicket10requiresServlet5+
> I've been bitten by this today when users couldn't sign in the app as 
> CookieUtils.initializeCookie uses 6.0.0 api, start of the stacktrace:
> java.lang.NoSuchMethodError: 'void 
> jakarta.servlet.http.Cookie.setAttribute(java.lang.String, 
> java.lang.String)'
>      at 
> org.apache.wicket.util.cookies.CookieUtils.initializeCookie(CookieUtils.java:341)
>      at 
> org.apache.wicket.util.cookies.CookieUtils.save(CookieUtils.java:294)
>      at 
> org.apache.wicket.util.cookies.CookieUtils.save(CookieUtils.java:168)
>      at 
> org.apache.wicket.authentication.strategy.DefaultAuthenticationStrategy.save(DefaultAuthenticationStrategy.java:148)
> Cookie.setAttribute is not present in 5.0.0 jservlet-api.
>  {code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to