WithHttpOnlyCookie defaults to false

kse-music · kse-music · commit edff9ae4488d · 2025-03-26T08:53:33.000+08:00
Closes gh-16820 Signed-off-by: DingHao <dh.hiekn@gmail.com>
diff --git a/web/src/main/java/org/springframework/security/web/server/csrf/CookieServerCsrfTokenRepository.java b/web/src/main/java/org/springframework/security/web/server/csrf/CookieServerCsrfTokenRepository.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2022 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -84,7 +84,7 @@ public void setCookieCustomizer(Consumer<ResponseCookie.ResponseCookieBuilder> c
 	 */
 	public static CookieServerCsrfTokenRepository withHttpOnlyFalse() {
 		CookieServerCsrfTokenRepository result = new CookieServerCsrfTokenRepository();
-		result.setCookieCustomizer((cookie) -> cookie.httpOnly(false));
+		result.cookieHttpOnly = false;
 		return result;
 	}
 

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,5 @@`
`1`	`1`	`/*`
`2`		`- * Copyright 2002-2022 the original author or authors.`
	`2`	`+ * Copyright 2002-2025 the original author or authors.`
`3`	`3`	`*`
`4`	`4`	`* Licensed under the Apache License, Version 2.0 (the "License");`
`5`	`5`	`* you may not use this file except in compliance with the License.`
`@@ -84,7 +84,7 @@ public void setCookieCustomizer(Consumer<ResponseCookie.ResponseCookieBuilder> c`
`84`	`84`	`*/`
`85`	`85`	`public static CookieServerCsrfTokenRepository withHttpOnlyFalse() {`
`86`	`86`	`CookieServerCsrfTokenRepository result = new CookieServerCsrfTokenRepository();`
`87`		`- result.setCookieCustomizer((cookie) -> cookie.httpOnly(false));`
	`87`	`+ result.cookieHttpOnly = false;`
`88`	`88`	`return result;`
`89`	`89`	`}`
`90`	`90`