samesite-cookie expression filter stopped working after applying 7.3 Update 6

Solution Verified - Updated -

Issue

  • After applying 7.3 Update 6 the below error occurs:
ERROR [io.undertow.request] (default I/O-3) UT005071: Undertow request failed HttpServerExchange{ GET /ffc-2.0/pa/login.xhtml}: java.lang.IllegalArgumentException: UT000045: Error parsing predicated handler string no handler named samesite-cookie known handlers are [disallowed-methods, allowed-methods, buffer-request, jdbc-access-log, http-continue-accept, secure-cookie, access-log, mark-secure, response-rate-limit, canonical-path, response-code, disable-cache, ssl-headers, trace, blocking, url-decoding, error-file, access-control, redirect, set, ip-access-control, request-limit, resource, compress, restart, clear, byte-range, eager-form-parser, done, rewrite, forwarded, stuck-thread-detector, reverse-proxy, jvm-route, learning-push, dump-request, proxy-peer-address, resolve-local-name, header, store-response, path-separator, uncompress, resolve-peer-name]:
samesite-cookie(mode=strict)

Environment

  • Red Hat JBoss Enterprise Application Platform (EAP) 7.3.6
  • samesite-cookie expression filter:
<subsystem xmlns="urn:jboss:domain:undertow:10.0" default-server="default-server" default-virtual-host="default-host" default-servlet-container="default" instance-id="node1" default-security-domain="other" statistics-enabled="false">
            <buffer-cache name="default"/>
            <server name="default-server">
                <http-listener name="default" socket-binding="http" max-post-size="200000000" redirect-socket="https" enable-http2="true"/>
                <https-listener name="https" socket-binding="https" security-realm="ApplicationRealm" enable-http2="true"/>
<ajp-listener name="ajp" socket-binding="ajp" scheme="http" max-connections="450"/>
                <host name="default-host" alias="localhost">
                    <location name="/" handler="welcome-content"/>
                    <filter-ref name="server-header"/>
                    <filter-ref name="x-powered-by-header"/>
                    <filter-ref name="samesite-cookie-filter"/>
                    <http-invoker security-realm="ApplicationRealm"/>
                </host>
            </server>
            <servlet-container name="default">
                <jsp-config/>
                <session-cookie http-only="true" secure="true"/>
                <websockets/>
            </servlet-container>
            <handlers>
                <file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
            </handlers>
            <filters>
                <expression-filter name="samesite-cookie-filter" expression="samesite-cookie(mode=strict)"/>
                <response-header name="server-header" header-name="Server" header-value="JBoss-EAP/7"/>
                <response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow/1"/>
            </filters>
        </subsystem>

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In