Package org.springframework.http

Class ResponseCookie

java.lang.Object
org.springframework.http.HttpCookie
org.springframework.http.ResponseCookie
public final class ResponseCookie extends HttpCookie
An HttpCookie subclass with the additional attributes allowed in the "Set-Cookie" response header. To build an instance use the from(java.lang.String) static method.
Since:
5.0
Author:
Rossen Stoyanchev, Brian Clozel
See Also:

  • Method Details

    • getMaxAge

      public Duration getMaxAge()
      Return the cookie "Max-Age" attribute in seconds.

      A positive value indicates when the cookie expires relative to the current time. A value of 0 means the cookie should expire immediately. A negative value means no "Max-Age" attribute in which case the cookie is removed when the browser is closed.

    • getDomain

      @Nullable public String getDomain()
      Return the cookie "Domain" attribute, or null if not set.

    • getPath

      @Nullable public String getPath()
      Return the cookie "Path" attribute, or null if not set.

    • isSecure

      public boolean isSecure()
      Return true if the cookie has the "Secure" attribute.

    • isHttpOnly

      public boolean isHttpOnly()
      Return true if the cookie has the "HttpOnly" attribute.
      See Also:

    • isPartitioned

      public boolean isPartitioned()
      Return true if the cookie has the "Partitioned" attribute.
      Since:
      6.2
      See Also:

    • getSameSite

      @Nullable public String getSameSite()
      Return the cookie "SameSite" attribute, or null if not set.

      This limits the scope of the cookie such that it will only be attached to same site requests if "Strict" or cross-site requests if "Lax".

      Since:
      5.1
      See Also:

    • mutate

      public ResponseCookie.ResponseCookieBuilder mutate()
      Return a builder pre-populated with values from "this" instance.
      Since:
      6.0

    • equals

      public boolean equals(@Nullable Object other)
      Overrides:
      equals in class HttpCookie

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class HttpCookie

    • toString

      public String toString()
      Overrides:
      toString in class HttpCookie

    • from

      public static ResponseCookie.ResponseCookieBuilder from(String name)
      Factory method to obtain a builder for a server-defined cookie, given its name only, and where the value as well as other attributes can be set later via builder methods.
      Parameters:
      name - the cookie name
      Returns:
      a builder to create the cookie with
      Since:
      6.0

    • from

      public static ResponseCookie.ResponseCookieBuilder from(String name, String value)
      Factory method to obtain a builder for a server-defined cookie that starts with a name-value pair and may also include attributes.
      Parameters:
      name - the cookie name
      value - the cookie value
      Returns:
      a builder to create the cookie with

    • fromClientResponse

      public static ResponseCookie.ResponseCookieBuilder fromClientResponse(String name, String value)
      Factory method to obtain a builder for a server-defined cookie. Unlike from(String, String) this option assumes input from a remote server, which can be handled more leniently, e.g. ignoring an empty domain name with double quotes.
      Parameters:
      name - the cookie name
      value - the cookie value
      Returns:
      a builder to create the cookie with
      Since:
      5.2.5