jlengrand/vert.x
1
0
Fork 0
mirror of https://github.com/jlengrand/vert.x.git synced 2026-03-10 08:51:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update adoc

Browse Source
This commit is contained in:
Paulo Lopes
2019-12-06 15:32:44 +01:00
parent 41838fb7e1
commit 14823c2b59
2 changed files with 39 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
src/main/asciidoc/enums.adoc
View File

@@ -26,6 +26,32 @@ Require client to present authentication, if not presented then negotiations wil
+++
|===
[[CookieSameSite]]
== CookieSameSite
++++
Represents the Cookie SameSite policy to be used. For more info <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#SameSite_cookies">https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#SameSite_cookies</a>.
++++
'''
[cols=">25%,75%"]
[frame="topbot"]
|===
^|Name | Description
|[[NONE]]`NONE`|+++
The browser will send cookies with both cross-site requests and same-site requests.
+++
|[[STRICT]]`STRICT`|+++
The browser will only send cookies for same-site requests (requests originating from the site that set the cookie).
If the request originated from a different URL than the URL of the current location, none of the cookies tagged
with the Strict attribute will be included.
+++
|[[LAX]]`LAX`|+++
Same-site cookies are withheld on cross-site subrequests, such as calls to load images or frames, but will be sent
when a user navigates to the URL from an external site; for example, by following a link.
+++
|===
[[DnsResponseCode]]
== DnsResponseCode

13
src/main/asciidoc/http.adoc
View File

@@ -351,6 +351,19 @@ browser can store them.
Cookies are described by instances of {@link io.vertx.core.http.Cookie}. This allows you to retrieve the name,
value, domain, path and other normal cookie properties.
Same Site Cookies let servers require that a cookie shouldn't be sent with cross-site (where Site is defined by the
registrable domain) requests, which provides some protection against cross-site request forgery attacks. This kind
of cookies are enabled using the setter: {@link io.vertx.core.http.Cookie#setSameSite(CookieSameSite)}.
Same site cookies can have one of 3 values:
* None - The browser will send cookies with both cross-site requests and same-site requests.
* Strict - he browser will only send cookies for same-site requests (requests originating from the site that set the
cookie). If the request originated from a different URL than the URL of the current location, none of the cookies
tagged with the Strict attribute will be included.
* Lax - Same-site cookies are withheld on cross-site subrequests, such as calls to load images or frames, but will be
sent when a user navigates to the URL from an external site; for example, by following a link.
Here's an example of querying and adding cookies:
[source,$lang]