max-age attribute not working, How do you make a cookie expire? |
max-age attribute not working, How do you make a cookie expire? |
jmrathbun |
Jun 29 2011, 09:02 PM
Post
#1
|
Newbie Group: Members Posts: 15 Joined: 8-June 11 Member No.: 14,726 |
I'm trying to set a cookie that will expire in 24 hours. I've tried
CODE Set-Cookie: score=10; path=/; expires=time()+86400 and I've tried CODE Set-Cookie: score=10; path=/; max-age=86400 both on Unix and on Windows servers, but in every case I get a session cookie only. What's wrong? |
Christian J |
Jun 30 2011, 05:30 AM
Post
#2
|
. Group: WDG Moderators Posts: 9,679 Joined: 10-August 06 Member No.: 7 |
That looks like a HTTP response, so I move the thread to the Web server configuration forum.
|
jmrathbun |
Jun 30 2011, 06:35 AM
Post
#3
|
Newbie Group: Members Posts: 15 Joined: 8-June 11 Member No.: 14,726 |
|
Christian J |
Jun 30 2011, 10:05 AM
Post
#4
|
. Group: WDG Moderators Posts: 9,679 Joined: 10-August 06 Member No.: 7 |
That looks like a HTTP response, so I move the thread to the Web server configuration forum. Huh? Sorry if I got that wrong. So what are you using to set the cookie --server-side scripting (if so which language?), htaccess directive? |
jmrathbun |
Jun 30 2011, 11:59 AM
Post
#5
|
Newbie Group: Members Posts: 15 Joined: 8-June 11 Member No.: 14,726 |
Sorry to be so unclear. According to various online sources, this code goes at the top of the html document and it executes as expected (leaving a cookie) except the cookie expires at the end of the browser session instead of 24 hours later as the code indicates it should. Here's the whole script:
CODE #!/usr/local/bin/perl use warnings; use strict; use CGI; my $cgi=new CGI; use diagnostics; print "Set-Cookie: topic=Consciousness; path=/; expires=time()+86400\n"; print "Set-Cookie: score=10; path=/; max-age=86400\n"; print "Set-Cookie: smarts=20; path=/; expires=time()+86400\n"; print "Set-Cookie: playlevel=30; path=/; max-age=86400\n"; print $cgi->header; print $cgi->start_html('Set Cookie'); print $cgi->h1('The cookie has been set!'); print $cgi->end_html; |
Darin McGrew |
Jun 30 2011, 12:12 PM
Post
#6
|
WDG Member Group: Root Admin Posts: 8,365 Joined: 4-August 06 From: Mountain View, CA Member No.: 3 |
QUOTE this code goes at the top of the html document No, that is incorrect. That code might go at the top of a Perl CGI program that generates an HTML document, but it does not go at the top of a plain HTML document. |
jmrathbun |
Jun 30 2011, 12:35 PM
Post
#7
|
Newbie Group: Members Posts: 15 Joined: 8-June 11 Member No.: 14,726 |
Try testing my code, if you will. I've done it from this Perl script and with conventional HTML, and it always generates cookies. My question is, why are they session cookies rather than carrying the expiration date as the code requires? If you think it's the positioning that's at fault, how would you reposition this in the HTML? Please test your code before posting. Here's the output of the script:
CODE Set-Cookie: topic=Consciousness; path=/; expires=time()+86400 Set-Cookie: score=10; path=/; max-age=86400 Set-Cookie: smarts=20; path=/; expires=time()+86400 Set-Cookie: playlevel=30; path=/; max-age=86400 Content-Type: text/html; charset=ISO-8859-1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-US"> <head> <title>Set Cookie</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> </head> <body> <h1>The cookie has been set!</h1> </body> </html> |
Darin McGrew |
Jun 30 2011, 02:24 PM
Post
#8
|
WDG Member Group: Root Admin Posts: 8,365 Joined: 4-August 06 From: Mountain View, CA Member No.: 3 |
The expires=... value should be a date/time value, for example:
expires=Thu, 30-Jun-2012 20:23:38 GMT Something needs to process the "time()+86400" value and convert that into a date/time value in the above format. That isn't happening. |
jmrathbun |
Jun 30 2011, 04:01 PM
Post
#9
|
Newbie Group: Members Posts: 15 Joined: 8-June 11 Member No.: 14,726 |
The expires=... value should be a date/time value, for example: expires=Thu, 30-Jun-2012 20:23:38 GMT Something needs to process the "time()+86400" value and convert that into a date/time value in the above format. That isn't happening. According to http://tools.ietf.org/html/rfc6265#section-4.1 QUOTE 4.1.2.2. The Max-Age Attribute The Max-Age attribute indicates the maximum lifetime of the cookie, represented as the number of seconds until the cookie expires. The user agent is not required to retain the cookie for the specified duration. In fact, user agents often evict cookies due to memory pressure or privacy concerns. NOTE: Some existing user agents do not support the Max-Age attribute. User agents that do not support the Max-Age attribute ignore the attribute. If a cookie has both the Max-Age and the Expires attribute, the Max- Age attribute has precedence and controls the expiration date of the cookie. If a cookie has neither the Max-Age nor the Expires attribute, the user agent will retain the cookie until "the current session is over" (as defined by the user agent). So maybe my Firefox is one of those browsers that ignores the max-age attribute. As far as the expires= tag, I gather that's deprecated and I have seen multiple conflicting ideas on how to use it. I decided to rewrite my script using CGI to manage the whole cookie business, and what I got was similar to what you recommend. Now I just have to figure out how to get it to write multiple cookies or else a single cookie containing a hash (which I then have to parse in my script that reads and uses the cookie.) Ugh! |
jmrathbun |
Jun 30 2011, 04:23 PM
Post
#10
|
Newbie Group: Members Posts: 15 Joined: 8-June 11 Member No.: 14,726 |
OK, I think I got it! Here's a working script:
CODE #!/usr/local/bin/perl use warnings; use strict; use CGI; my $cgi=new CGI; use diagnostics; my $c_topic = $cgi->cookie(-name=>'topic',-value=>'Consciousness',-expires=>'+1d',-path=>'/'); my $c_score = $cgi->cookie(-name=>'score',-value=>'10',-expires=>'+1d',-path=>'/'); my $c_smarts = $cgi->cookie(-name=>'smarts',-value=>'20',-expires=>'+1d',-path=>'/'); my $c_playlevel = $cgi->cookie(-name=>'playlevel',-value=>'30',-expires=>'+1d',-path=>'/'); print "Set-Cookie: $c_topic\n"; print "Set-Cookie: $c_score\n"; print "Set-Cookie: $c_smarts\n"; print "Set-Cookie: $c_playlevel\n"; print $cgi->header; print $cgi->start_html('Set Cookie'); print $cgi->h1('The cookie has been set!'); print $cgi->end_html; And the output is: CODE Set-Cookie: topic=Consciousness; path=/; expires=Fri, 01-Jul-2011 21:14:11 GMT Set-Cookie: score=10; path=/; expires=Fri, 01-Jul-2011 21:14:11 GMT Set-Cookie: smarts=20; path=/; expires=Fri, 01-Jul-2011 21:14:11 GMT Set-Cookie: playlevel=30; path=/; expires=Fri, 01-Jul-2011 21:14:11 GMT Content-Type: text/html; charset=ISO-8859-1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-US"> <head> <title>Set Cookie</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> </head> <body> <h1>The cookie has been set!</h1> </body> </html> Thanks to all who tried to help. I only do this because it's so much fun! |
Lo-Fi Version | Time is now: 5th June 2024 - 12:46 AM |