SAK-43566 SameSite support for incompatible clients (sakaiproject#8153)

kernel/api/src/main/java/org/sakaiproject/util/RequestFilter.java

@@ -501,7 +501,7 @@ public void doFilter(ServletRequest requestObj, ServletResponse responseObj, Fil
 							{
 								c.setSecure(true);
 							}
-							addCookie(resp, c);
+							addCookie(req, resp, c);
 						}
 					}
 
@@ -586,7 +586,7 @@ protected void closingRedirect(HttpServletRequest req, HttpServletResponse res)
 		{
 			c.setSecure(true);
 		}
-		addCookie(res, c);
+		addCookie(req, res, c);
 
 		// We want the non-decoded ones so we don't have to re-encode.
 		StringBuilder url = new StringBuilder(req.getRequestURI());
@@ -1229,7 +1229,7 @@ protected Session assureSession(HttpServletRequest req, HttpServletResponse res)
 			{
 				c.setDomain(cookieDomain);
 			}
-			addCookie(res, c);
+			addCookie(req, res, c);
 		}
 
 		// if we have a session and had no cookie,
@@ -1253,7 +1253,7 @@ protected Session assureSession(HttpServletRequest req, HttpServletResponse res)
 				{
 					c.setSecure(true);
 				}
-				addCookie(res, c);
+				addCookie(req, res, c);
 			}
 		}
 
@@ -1424,7 +1424,7 @@ private String getCookieSuffix()
 		return suffix;
 	}
 
-	protected void addCookie(HttpServletResponse res, Cookie cookie) {
+	protected void addCookie(HttpServletRequest req, HttpServletResponse res, Cookie cookie) {
 
 		if (!m_cookieHttpOnly) {
 			// Use the standard servlet mechanism for setting the cookie
@@ -1436,7 +1436,7 @@ protected void addCookie(HttpServletResponse res, Cookie cookie) {
 
 			ServerCookie.appendCookieValue(sb, cookie.getVersion(), cookie.getName(), cookie.getValue(),
 					cookie.getPath(), cookie.getDomain(), cookie.getComment(),
-					cookie.getMaxAge(), cookie.getSecure(), m_cookieHttpOnly, m_cookieSameSite);
+					cookie.getMaxAge(), cookie.getSecure(), m_cookieHttpOnly, m_cookieSameSite, req.getHeader("user-agent"));
 
 			res.addHeader("Set-Cookie", sb.toString());
 		}