Merge pull request 'Fix #24374: configuring same-site cookie policy' (#34) from feature/24374 into develop

Author: fmichielssen

src/main/java/eu/openanalytics/containerproxy/ContainerProxyApplication.java

@@ -39,6 +39,7 @@
 import org.springframework.core.env.Environment;
 import org.springframework.data.redis.connection.RedisConnectionFactory;
 import org.springframework.session.data.redis.config.ConfigureRedisAction;
+import org.springframework.session.web.http.DefaultCookieSerializer;
 import org.springframework.web.filter.FormContentFilter;
 
 import javax.annotation.PostConstruct;
@@ -62,6 +63,9 @@ public class ContainerProxyApplication {
 	@Inject
 	private ProxyMappingManager mappingManager;
 
+	@Inject
+	private DefaultCookieSerializer defaultCookieSerializer;
+
 	private final Logger log = LogManager.getLogger(getClass());
 
 	public static void main(String[] args) {
@@ -88,6 +92,10 @@ public void init() {
 		if (environment.getProperty("server.use-forward-headers") != null) {
 			log.warn("WARNING: Using server.use-forward-headers will not work in this ShinyProxy release. See https://shinyproxy.io/documentation/security/#https-ssl--tls on how to change your configuration.");
 		}
+
+		String sameSiteCookie = environment.getProperty("proxy.same-site-cookie", "Lax");
+		log.debug("Setting sameSiteCookie policy to {}" , sameSiteCookie);
+		defaultCookieSerializer.setSameSite(sameSiteCookie);
 	}
 
 	@Bean