[
https://issues.apache.org/jira/browse/OFBIZ-13284?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18013873#comment-18013873
]
Jacques Le Roux commented on OFBIZ-13284:
-----------------------------------------
[It's also in
trunk|https://github.com/apache/ofbiz-framework/blob/c04db3a20b28fccdcb3574532a06b5d6a49ec46b/framework/common/src/main/java/org/apache/ofbiz/common/CommonEvents.java#L257]
It just does not show here neither at
https://lists.apache.org/[email protected] because of
INFRA-27123
> Set default security headers in writeJSONtoResponse and ensure SameSite
> cookie is returned
> ------------------------------------------------------------------------------------------
>
> Key: OFBIZ-13284
> URL: https://issues.apache.org/jira/browse/OFBIZ-13284
> Project: OFBiz
> Issue Type: Bug
> Components: framework/common
> Affects Versions: 24.09.02
> Reporter: Sandeep Rajput
> Assignee: Jacques Le Roux
> Priority: Major
> Fix For: 24.09.03
>
>
> Currently, the writeJSONtoResponse method correctly sends the JSON response,
> but it does not include the SameSite attribute in the default security
> headers. As a result, the SameSite cookie is not returned in the browser
> response.
> *Expected Behavior:*
> # writeJSONtoResponse should set default security headers for the response.
> # SameSite attribute should be correctly applied to all cookies sent in the
> response.
> # The browser should receive and respect the SameSite cookie.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
