From 0859b4079af1cdca733133806a77a5205d554368 Mon Sep 17 00:00:00 2001
From: Matthias Kurz <m.kurz@irregular.at>
Date: Mon, 8 Feb 2021 22:26:11 +0100
Subject: [PATCH 1/2] Add SameSite to DiscardingCookie

---
 core/play/src/main/java/play/mvc/Result.java  | 23 ++++++++++++++++++-
 .../src/main/scala/play/api/mvc/Cookie.scala  | 12 +++++++---
 2 files changed, 31 insertions(+), 4 deletions(-)

diff --git a/core/play/src/main/java/play/mvc/Result.java b/core/play/src/main/java/play/mvc/Result.java
index e7f62f3d191..4f59360ab06 100644
--- a/core/play/src/main/java/play/mvc/Result.java
+++ b/core/play/src/main/java/play/mvc/Result.java
@@ -514,8 +514,29 @@ public Result discardingCookie(String name, String path, String domain) {
    * @param secure Whether the cookie to discard is secure
    */
   public Result discardingCookie(String name, String path, String domain, boolean secure) {
+    return discardingCookie(name, path, domain, secure, null);
+  }
+
+  /**
+   * Discard a cookie in this result
+   *
+   * @param name The name of the cookie to discard, must not be null
+   * @param path The path of the cookie te discard, may be null
+   * @param domain The domain of the cookie to discard, may be null
+   * @param secure Whether the cookie to discard is secure
+   * @param sameSite The SameSite attribute of the cookie to discard, may be null
+   */
+  public Result discardingCookie(
+      String name, String path, String domain, boolean secure, Cookie.SameSite sameSite) {
     return withCookies(
-        new DiscardingCookie(name, path, Option.apply(domain), secure).toCookie().asJava());
+        new DiscardingCookie(
+                name,
+                path,
+                Option.apply(domain),
+                secure,
+                Option.apply(sameSite).map(ss -> ss.asScala()))
+            .toCookie()
+            .asJava());
   }
 
   /**
diff --git a/core/play/src/main/scala/play/api/mvc/Cookie.scala b/core/play/src/main/scala/play/api/mvc/Cookie.scala
index 2f2e5572d15..b5e51dc326f 100644
--- a/core/play/src/main/scala/play/api/mvc/Cookie.scala
+++ b/core/play/src/main/scala/play/api/mvc/Cookie.scala
@@ -133,8 +133,14 @@ object Cookie {
  * @param domain the cookie domain
  * @param secure whether this cookie is secured
  */
-case class DiscardingCookie(name: String, path: String = "/", domain: Option[String] = None, secure: Boolean = false) {
-  def toCookie = Cookie(name, "", Some(Cookie.DiscardedMaxAge), path, domain, secure, false)
+case class DiscardingCookie(
+    name: String,
+    path: String = "/",
+    domain: Option[String] = None,
+    secure: Boolean = false,
+    sameSite: Option[SameSite] = None
+) {
+  def toCookie = Cookie(name, "", Some(Cookie.DiscardedMaxAge), path, domain, secure, false, sameSite)
 }
 
 /**
@@ -492,7 +498,7 @@ trait CookieBaker[T <: AnyRef] { self: CookieDataCodec =>
       }
     }
 
-  def discard = DiscardingCookie(COOKIE_NAME, path, domain, secure)
+  def discard = DiscardingCookie(COOKIE_NAME, path, domain, secure, sameSite)
 
   /**
    * Builds the cookie object from the given data map.

From dc3c99fdfe993a47c541b16dacf2e5afd1ffcfcd Mon Sep 17 00:00:00 2001
From: Matthias Kurz <m.kurz@irregular.at>
Date: Mon, 8 Feb 2021 23:05:42 +0100
Subject: [PATCH 2/2] MiMa

---
 project/BuildSettings.scala | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/project/BuildSettings.scala b/project/BuildSettings.scala
index 2dbe063479d..d8c2a52a97f 100644
--- a/project/BuildSettings.scala
+++ b/project/BuildSettings.scala
@@ -313,6 +313,14 @@ object BuildSettings {
       // Fix compile error on JDK15: Use direct AlgorithmId.get()
       ProblemFilters
         .exclude[IncompatibleMethTypeProblem]("play.core.server.ssl.CertificateGenerator.generateCertificate"),
+      // Add SameSite to DiscardingCookie
+      ProblemFilters.exclude[DirectMissingMethodProblem]("play.api.mvc.DiscardingCookie.apply"),
+      ProblemFilters.exclude[DirectMissingMethodProblem]("play.api.mvc.DiscardingCookie.copy"),
+      ProblemFilters.exclude[DirectMissingMethodProblem]("play.api.mvc.DiscardingCookie.this"),
+      ProblemFilters.exclude[IncompatibleSignatureProblem]("play.api.mvc.DiscardingCookie.curried"),
+      ProblemFilters.exclude[IncompatibleSignatureProblem]("play.api.mvc.DiscardingCookie.tupled"),
+      ProblemFilters.exclude[IncompatibleSignatureProblem]("play.api.mvc.DiscardingCookie.unapply"),
+      ProblemFilters.exclude[MissingTypesProblem]("play.api.mvc.DiscardingCookie$"),
     ),
     unmanagedSourceDirectories in Compile += {
       val suffix = CrossVersion.partialVersion(scalaVersion.value) match {