Spring Boot 2 JWT¶

CookieUtil¶

  • cookie.setSecure(secure): secure=true => work on HTTPS only.
  • cookie.setHttpOnly(true): invisible to JavaScript.
  • cookie.setMaxAge(maxAge): maxAge=0: expire cookie now, maxAge<0: expire cookiie on browser exit.
  • cookie.setDomain(domain): visible to domain only.
  • cookie.setPath("/"): visible to all paths.