Hi Chris, >I'm curious: what customization do you need, here?
We’d like to override the generateHeader(Cookie cookie, HttpServletRequest request) because we need to centrally handle the addition of the sameSite cookie attribute of the session cookie as some old browser versions do not support the sameSite cookie attribute. For them the adding of this attribute should be skipped. >Why do you need the legacy cookie processor? We use the LegacyCookieProcessor as it is with more strict interpretation of the cookie specifications and provides additional configurations if needed. Thanks and regards, Polina
