From 7526b92f188efcec1ebf7f1834a96d4e8bc98aa3 Mon Sep 17 00:00:00 2001
From: songhyeonpk
Date: Fri, 11 Jul 2025 15:11:39 +0900
Subject: [PATCH] =?UTF-8?q?fix:=20=EB=B0=B0=ED=8F=AC=EC=95=B1=EC=9D=98=20H?=
 =?UTF-8?q?TTPS=20=EC=9A=94=EC=B2=AD=EC=97=90=EC=84=9C=20=EC=84=B8?=
 =?UTF-8?q?=EC=85=98=20=EC=BF=A0=ED=82=A4=EA=B0=80=20=EC=A0=80=EC=9E=A5?=
 =?UTF-8?q?=EB=90=98=EC=A7=80=20=EC=95=8A=EB=8A=94=20=EB=B2=84=EA=B7=B8=20?=
 =?UTF-8?q?=ED=95=B4=EA=B2=B0=20=EC=9E=91=EC=97=85(#143)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- feat: HTTP/HTTPS 환경에 따라 Secure + SameSite 쿠키 설정을 처리하는 CookieSerializerConfig, ProtocolAwareCookieSerializer 클래스 추가
- chore: Spring 에서 HTTPS 요청을 인식할 수 있도록, nginx 프록시 설정에 X-Forwarded-Proto 헤더 추가
- chore: 프록시 환경에서 HTTPS 인식 가능하도록 forward-headers-strategy 설정
---
 nginx/default.conf | 1 +
 .../session/CookieSerializerConfig.java | 14 ++++++++++++
 .../ProtocolAwareCookieSerializer.java | 22 +++++++++++++++++++
 src/main/resources/application-dev.yml | 5 ++++-
 4 files changed, 41 insertions(+), 1 deletion(-)
 create mode 100644 src/main/java/com/ftm/server/infrastructure/session/CookieSerializerConfig.java
 create mode 100644 src/main/java/com/ftm/server/infrastructure/session/ProtocolAwareCookieSerializer.java

diff --git a/nginx/default.conf b/nginx/default.conf
index c663eb1..97a45c2 100644
--- a/nginx/default.conf
+++ b/nginx/default.conf
@@ -24,5 +24,6 @@ server {
 proxy_set_header Host $host;
 proxy_set_header X-Real-IP $remote_addr;
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
 }
 }
\ No newline at end of file
diff --git a/src/main/java/com/ftm/server/infrastructure/session/CookieSerializerConfig.java b/src/main/java/com/ftm/server/infrastructure/session/CookieSerializerConfig.java
new file mode 100644
index 0000000..f9bf46f
--- /dev/null
+++ b/src/main/java/com/ftm/server/infrastructure/session/CookieSerializerConfig.java
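Review bot: `proxy_set_header X-Forwarded-Proto $scheme;` is the right source value because `proxy_set_header` replaces anything the client sent, but it is only trustworthy if nginx is the sole path to the Spring app; the application's bind/listen configuration is not in this diff, and if its port is also reachable directly (a published container port, for example) a client can forge the very header the new cookie serializer reads verbatim. Worth confirming the app is bound to the proxy network only. If TLS is terminated in front of this nginx rather than in this `server` block, `$scheme` will always be `http` and the cookie will never be marked `Secure`; in that case the upstream value would have to be forwarded instead (`proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;`), and only when that upstream is itself trusted.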
@@ -0,0 +1,14 @@
+package com.ftm.server.infrastructure.session;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.session.web.http.CookieSerializer;
+
+@Configuration
+public class CookieSerializerConfig {
+
+ @Bean
+ public CookieSerializer cookieSerializer() {
+ return new ProtocolAwareCookieSerializer();
+ }
+}
diff --git a/src/main/java/com/ftm/server/infrastructure/session/ProtocolAwareCookieSerializer.java b/src/main/java/com/ftm/server/infrastructure/session/ProtocolAwareCookieSerializer.java
new file mode 100644
index 0000000..c6f80a1
--- /dev/null
+++ b/src/main/java/com/ftm/server/infrastructure/session/ProtocolAwareCookieSerializer.java
@@ -0,0 +1,22 @@
+package com.ftm.server.infrastructure.session;
+
+import jakarta.servlet.http.HttpServletRequest;
+import org.springframework.session.web.http.DefaultCookieSerializer;
+
+public class ProtocolAwareCookieSerializer extends DefaultCookieSerializer {
+
+ @Override
+ public void writeCookieValue(CookieValue cookieValue) {
+ HttpServletRequest request = cookieValue.getRequest();
+ String proto = request.getHeader("X-Forwarded-Proto");
+
+ boolean isHttps = request.isSecure() || "https".equalsIgnoreCase(proto);
+
+ // HTTPS -> Secure O + SameSite=None
+ // HTTP -> Secure X + SameSite null
+ setUseSecureCookie(isHttps);
+ setSameSite(isHttps ? "None" : null);
+
+ super.writeCookieValue(cookieValue);
+ }
+}
diff --git a/src/main/resources/application-dev.yml b/src/main/resources/application-dev.yml
index f59b3bf..35cb8ed 100644
--- a/src/main/resources/application-dev.yml
+++ b/src/main/resources/application-dev.yml
@@ -5,4 +5,7 @@ spring:
 jpa:
 hibernate:
- ddl-auto: none
\ No newline at end of file
+ ddl-auto: none
+
+server:
+ forward-headers-strategy: native
\ No newline at end of file
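Review bot: `setUseSecureCookie(isHttps)` and `setSameSite(...)` mutate the fields of the single shared serializer bean on every request, so under concurrent HTTP and HTTPS traffic one request's flags can be applied to another's cookie by `super.writeCookieValue` (an HTTP response can then carry a `Secure` cookie the browser drops, which is the very symptom this commit is fixing). The manual `X-Forwarded-Proto` check is also honoured from any client, whereas with `server.forward-headers-strategy=native` Tomcat should already fold that header into `request.isSecure()` for requests arriving from its trusted internal-proxy ranges, and `DefaultCookieSerializer` with `useSecureCookie` left unset already derives `Secure` from `isSecure()` (check against your Spring Session version). Unless the frontend genuinely calls the API cross-site, `SameSite=None` also gives up the default `Lax` CSRF mitigation, so confirm a CSRF defence is in place. A stateless shape is to implement `CookieSerializer` directly with two pre-configured delegates and choose one per request, as below (imports change accordingly).
```java
public class ProtocolAwareCookieSerializer implements CookieSerializer {

    // Two delegates configured once at construction; nothing is mutated per request.
    private final DefaultCookieSerializer httpsSerializer = new DefaultCookieSerializer();
    private final DefaultCookieSerializer httpSerializer = new DefaultCookieSerializer();

    public ProtocolAwareCookieSerializer() {
        httpsSerializer.setUseSecureCookie(true);
        httpsSerializer.setSameSite("None"); // cross-site use only; requires a CSRF defence
        httpSerializer.setUseSecureCookie(false);
        httpSerializer.setSameSite(null);
    }

    @Override
    public void writeCookieValue(CookieValue cookieValue) {
        // isSecure() already reflects X-Forwarded-Proto from trusted proxies when
        // server.forward-headers-strategy=native is active; never read the raw header.
        boolean https = cookieValue.getRequest().isSecure();
        (https ? httpsSerializer : httpSerializer).writeCookieValue(cookieValue);
    }

    @Override
    public List<String> readCookieValues(HttpServletRequest request) {
        return httpSerializer.readCookieValues(request); // reading does not depend on the scheme
    }
}
```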
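Review bot: `server.forward-headers-strategy: native` is added only to `application-dev.yml`, yet the commit message says the bug is in the deployed app; if that deployment runs under a different profile (no prod or base `application.yml` appears in this diff), the setting will not reach it and `request.isSecure()` will stay false behind nginx. Consider placing it in the profile-independent `application.yml`. Also note that `native` delegates to Tomcat's RemoteIpValve, which honours `X-Forwarded-Proto` only from its internal-proxy ranges (private and loopback addresses by default); if nginx reaches the app from any other address, set `server.tomcat.remoteip.internal-proxies` to exactly that address, and keep the trusted list narrow so the header cannot be spoofed by arbitrary clients.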