I need to set same site cookie attribute to Strict on WildFly20 server responses. I need to do it via server configuration. Any help ??
JMart's answer is correct but requires to add a file to your web-application (undertow-handlers.conf). With WildFly 19.1 (WFLY-13003) and above you can configure this feature in WildFly's standalone.xml as follows:
<subsystem xmlns="urn:jboss:domain:undertow:12.0" ...>
<server name="default-server">
...
<host name="default-host" alias="localhost">
<location name="/" handler="welcome-content"/>
<http-invoker http-authentication-factory="application-http-authentication"/>
<!-- add the filter defined below -->
<filter-ref name="samesite-cookie"/>
</host>
</server>
...
<filters>
<!-- configure samesite handler -->
<expression-filter name="samesite-cookie" expression="samesite-cookie(mode=strict)"/>
</filters>
</subsystem>
This can be achieved by executing the following commands via WildFly's CLI interface:
/subsystem=undertow/configuration=filter/expression-filter=samesite-cookie:add(expression="samesite-cookie(mode=strict)")
/subsystem=undertow/server=default-server/host=default-host/filter-ref=samesite-cookie:add