Merge pull request #10693 from mkurz/discardcookie_samesite

Add SameSite to DiscardingCookie

core/play/src/main/java/play/mvc/Result.java

@@ -514,8 +514,29 @@ public Result discardingCookie(String name, String path, String domain) {
    * @param secure Whether the cookie to discard is secure
    */
   public Result discardingCookie(String name, String path, String domain, boolean secure) {
+    return discardingCookie(name, path, domain, secure, null);
+  }
+
+  /**
+   * Discard a cookie in this result
+   *
+   * @param name The name of the cookie to discard, must not be null
+   * @param path The path of the cookie te discard, may be null
+   * @param domain The domain of the cookie to discard, may be null
+   * @param secure Whether the cookie to discard is secure
+   * @param sameSite The SameSite attribute of the cookie to discard, may be null
+   */
+  public Result discardingCookie(
+      String name, String path, String domain, boolean secure, Cookie.SameSite sameSite) {
     return withCookies(
-        new DiscardingCookie(name, path, Option.apply(domain), secure).toCookie().asJava());
+        new DiscardingCookie(
+                name,
+                path,
+                Option.apply(domain),
+                secure,
+                Option.apply(sameSite).map(ss -> ss.asScala()))
+            .toCookie()
+            .asJava());
   }
 
   /**

core/play/src/main/scala/play/api/mvc/Cookie.scala

@@ -133,8 +133,14 @@ object Cookie {
  * @param domain the cookie domain
  * @param secure whether this cookie is secured
  */
-case class DiscardingCookie(name: String, path: String = "/", domain: Option[String] = None, secure: Boolean = false) {
-  def toCookie = Cookie(name, "", Some(Cookie.DiscardedMaxAge), path, domain, secure, false)
+case class DiscardingCookie(
+    name: String,
+    path: String = "/",
+    domain: Option[String] = None,
+    secure: Boolean = false,
+    sameSite: Option[SameSite] = None
+) {
+  def toCookie = Cookie(name, "", Some(Cookie.DiscardedMaxAge), path, domain, secure, false, sameSite)
 }
 
 /**
@@ -492,7 +498,7 @@ trait CookieBaker[T <: AnyRef] { self: CookieDataCodec =>
       }
     }
 
-  def discard = DiscardingCookie(COOKIE_NAME, path, domain, secure)
+  def discard = DiscardingCookie(COOKIE_NAME, path, domain, secure, sameSite)
 
   /**
    * Builds the cookie object from the given data map.

project/BuildSettings.scala

@@ -313,6 +313,14 @@ object BuildSettings {
       // Fix compile error on JDK15: Use direct AlgorithmId.get()
       ProblemFilters
         .exclude[IncompatibleMethTypeProblem]("play.core.server.ssl.CertificateGenerator.generateCertificate"),
+      // Add SameSite to DiscardingCookie
+      ProblemFilters.exclude[DirectMissingMethodProblem]("play.api.mvc.DiscardingCookie.apply"),
+      ProblemFilters.exclude[DirectMissingMethodProblem]("play.api.mvc.DiscardingCookie.copy"),
+      ProblemFilters.exclude[DirectMissingMethodProblem]("play.api.mvc.DiscardingCookie.this"),
+      ProblemFilters.exclude[IncompatibleSignatureProblem]("play.api.mvc.DiscardingCookie.curried"),
+      ProblemFilters.exclude[IncompatibleSignatureProblem]("play.api.mvc.DiscardingCookie.tupled"),
+      ProblemFilters.exclude[IncompatibleSignatureProblem]("play.api.mvc.DiscardingCookie.unapply"),
+      ProblemFilters.exclude[MissingTypesProblem]("play.api.mvc.DiscardingCookie$"),
     ),
     unmanagedSourceDirectories in Compile += {
       val suffix = CrossVersion.partialVersion(scalaVersion.value) match {