Decodeat · kjhh2605 · Sep 9, 2025 · Sep 9, 2025
diff --git a/src/main/java/com/DecodEat/global/util/CookieUtil.java b/src/main/java/com/DecodEat/global/util/CookieUtil.java
@@ -3,6 +3,7 @@
 import jakarta.servlet.http.Cookie;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.http.ResponseCookie;
 import org.springframework.util.SerializationUtils;
 
 import java.io.*;
@@ -24,15 +25,15 @@ public static Optional<Cookie> getCookie(HttpServletRequest request, String name
     }
 
     // 응답 객체(response)에 쿠키를 추가하는 메소드
-    // httpOnly: true -> 자바스크립트에서 쿠키에 접근 불가
-    // secure: true -> HTTPS 통신에서만 쿠_cookie 전송
     public static void addCookie(HttpServletResponse response, String name, String value, int maxAge) {
-        Cookie cookie = new Cookie(name, value);
-        cookie.setPath("/"); // 쿠키가 적용될 경로
-        cookie.setMaxAge(maxAge); // 쿠키의 유효 기간(초 단위)
-        cookie.setHttpOnly(true); // JavaScript를 통한 접근 방지
-        // cookie.setSecure(true); // HTTPS를 사용하는 경우에만 활성화
-        response.addCookie(cookie);
+        ResponseCookie cookie = ResponseCookie.from(name, value)
+                .path("/")
+                .maxAge(maxAge)
+                .httpOnly(true)
+                .secure(true)
+                .sameSite("None")
+                .build();
+        response.addHeader("Set-Cookie", cookie.toString());
     }
 
     // 특정 이름의 쿠키를 삭제하는 메소드
@@ -41,10 +42,13 @@ public static void deleteCookie(HttpServletRequest request, HttpServletResponse
         if (cookies != null && cookies.length > 0) {
             for (Cookie cookie : cookies) {
                 if (name.equals(cookie.getName())) {
-                    cookie.setValue("");
-                    cookie.setPath("/");
-                    cookie.setMaxAge(0); // 유효 기간을 0으로 설정하여 즉시 만료
-                    response.addCookie(cookie);
+                    ResponseCookie deleteCookie = ResponseCookie.from(name, "")
+                            .path("/")
+                            .maxAge(0)
+                            .secure(true)
+                            .sameSite("None")
+                            .build();
+                    response.addHeader("Set-Cookie", deleteCookie.toString());
                 }
             }
         }
@@ -61,4 +65,4 @@ public static <T> T deserialize(Cookie cookie, Class<T> cls) {
         byte[] decodedBytes = Base64.getUrlDecoder().decode(cookie.getValue());
         return cls.cast(SerializationUtils.deserialize(decodedBytes));
     }
-}
+}