The Web Design Group

... Making the Web accessible to all.

Welcome Guest ( Log In | Register )

> max-age attribute not working, How do you make a cookie expire?
jmrathbun
post Jun 29 2011, 09:02 PM
Post #1


Newbie
*

Group: Members
Posts: 15
Joined: 8-June 11
Member No.: 14,726



I'm trying to set a cookie that will expire in 24 hours. I've tried
CODE
Set-Cookie: score=10; path=/; expires=time()+86400

and I've tried
CODE
Set-Cookie: score=10; path=/; max-age=86400

both on Unix and on Windows servers, but in every case I get a session cookie only.

What's wrong?
User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post
 
Reply to this topicStart new topic
Replies
Darin McGrew
post Jun 30 2011, 02:24 PM
Post #2


WDG Member
********

Group: Root Admin
Posts: 8,004
Joined: 4-August 06
From: Mountain View, CA
Member No.: 3



The expires=... value should be a date/time value, for example:
expires=Thu, 30-Jun-2012 20:23:38 GMT

Something needs to process the "time()+86400" value and convert that into a date/time value in the above format. That isn't happening.


--------------------
Darin McGrew
WDG Member since 1998
User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post
jmrathbun
post Jun 30 2011, 04:01 PM
Post #3


Newbie
*

Group: Members
Posts: 15
Joined: 8-June 11
Member No.: 14,726



QUOTE(Darin McGrew @ Jun 30 2011, 03:24 PM) *

The expires=... value should be a date/time value, for example:
expires=Thu, 30-Jun-2012 20:23:38 GMT

Something needs to process the "time()+86400" value and convert that into a date/time value in the above format. That isn't happening.


According to http://tools.ietf.org/html/rfc6265#section-4.1

QUOTE

4.1.2.2. The Max-Age Attribute


The Max-Age attribute indicates the maximum lifetime of the cookie,
represented as the number of seconds until the cookie expires. The
user agent is not required to retain the cookie for the specified
duration. In fact, user agents often evict cookies due to memory
pressure or privacy concerns.

NOTE: Some existing user agents do not support the Max-Age
attribute. User agents that do not support the Max-Age attribute
ignore the attribute.

If a cookie has both the Max-Age and the Expires attribute, the Max-
Age attribute has precedence and controls the expiration date of the
cookie. If a cookie has neither the Max-Age nor the Expires
attribute, the user agent will retain the cookie until "the current
session is over" (as defined by the user agent).


So maybe my Firefox is one of those browsers that ignores the max-age attribute. As far as the expires= tag, I gather that's deprecated and I have seen multiple conflicting ideas on how to use it. I decided to rewrite my script using CGI to manage the whole cookie business, and what I got was similar to what you recommend. Now I just have to figure out how to get it to write multiple cookies or else a single cookie containing a hash (which I then have to parse in my script that reads and uses the cookie.) Ugh!
User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post
jmrathbun
post Jun 30 2011, 04:23 PM
Post #4


Newbie
*

Group: Members
Posts: 15
Joined: 8-June 11
Member No.: 14,726



OK, I think I got it! Here's a working script:
CODE
#!/usr/local/bin/perl
use warnings;
use strict;
use CGI;
my $cgi=new CGI;
use diagnostics;

my $c_topic = $cgi->cookie(-name=>'topic',-value=>'Consciousness',-expires=>'+1d',-path=>'/');
my $c_score = $cgi->cookie(-name=>'score',-value=>'10',-expires=>'+1d',-path=>'/');
my $c_smarts = $cgi->cookie(-name=>'smarts',-value=>'20',-expires=>'+1d',-path=>'/');
my $c_playlevel = $cgi->cookie(-name=>'playlevel',-value=>'30',-expires=>'+1d',-path=>'/');

print "Set-Cookie: $c_topic\n";
print "Set-Cookie: $c_score\n";
print "Set-Cookie: $c_smarts\n";
print "Set-Cookie: $c_playlevel\n";
print $cgi->header;
print $cgi->start_html('Set Cookie');
print $cgi->h1('The cookie has been set!');
print $cgi->end_html;


And the output is:
CODE
Set-Cookie: topic=Consciousness; path=/; expires=Fri, 01-Jul-2011 21:14:11 GMT
Set-Cookie: score=10; path=/; expires=Fri, 01-Jul-2011 21:14:11 GMT
Set-Cookie: smarts=20; path=/; expires=Fri, 01-Jul-2011 21:14:11 GMT
Set-Cookie: playlevel=30; path=/; expires=Fri, 01-Jul-2011 21:14:11 GMT
Content-Type: text/html; charset=ISO-8859-1



<!DOCTYPE html
    PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-US">
<head>
<title>Set Cookie</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
</head>
<body>
<h1>The cookie has been set!</h1>
</body>
</html>


Thanks to all who tried to help. I only do this because it's so much fun!

User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post

Posts in this topic


Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 



- Lo-Fi Version Time is now: 20th August 2014 - 03:26 PM