[jira] [Closed] (OFBIZ-13284) Set default security headers in writeJSONtoResponse and ensure SameSite cookie is returned

Jacques Le Roux (Jira) Thu, 14 Aug 2025 01:55:04 -0700


     [ 
https://issues.apache.org/jira/browse/OFBIZ-13284?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Jacques Le Roux closed OFBIZ-13284.
-----------------------------------
    Resolution: Fixed

> Set default security headers in writeJSONtoResponse and ensure SameSite 
> cookie is returned
> ------------------------------------------------------------------------------------------
>
>                 Key: OFBIZ-13284
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-13284
>             Project: OFBiz
>          Issue Type: Bug
>          Components: framework/common
>    Affects Versions: 24.09.02
>            Reporter: Sandeep Rajput
>            Assignee: Jacques Le Roux
>            Priority: Major
>             Fix For: 24.09.03
>
>
> Currently, the writeJSONtoResponse method correctly sends the JSON response, 
> but it does not include the SameSite attribute in the default security 
> headers. As a result, the SameSite cookie is not returned in the browser 
> response.
> *Expected Behavior:*
>  # writeJSONtoResponse should set default security headers for the response.
>  # SameSite attribute should be correctly applied to all cookies sent in the 
> response.
>  # The browser should receive and respect the SameSite cookie.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Closed] (OFBIZ-13284) Set default security headers in writeJSONtoResponse and ensure SameSite cookie is returned

Reply via email to