Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cookies: the max expire time is 400 days #13543

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

cookies: the max expire time is 400 days #13543

wants to merge 1 commit into from

Conversation

bagder
Copy link
Member

@bagder bagder commented May 6, 2024

draft-ietf-httpbis-rfc6265bis-14 says:

"The limit SHOULD NOT be greater than 400 days (34560000 seconds) in
duration. The RECOMMENDED limit is 400 days in duration, but the user
agent MAY adjust the limit. Max-Age attributes that are greater than
the limit MUST be reduced to the limit."

@bagder
cookies: the max expire time is 400 days
55ed9fd 
draft-ietf-httpbis-rfc6265bis-14 says:

 "The limit SHOULD NOT be greater than 400 days (34560000 seconds) in
 duration. The RECOMMENDED limit is 400 days in duration, but the user
 agent MAY adjust the limit. Max-Age attributes that are greater than
 the limit MUST be reduced to the limit."
@bagder bagder added the cookies label May 6, 2024
@github-actions github-actions bot added the tests label May 6, 2024
@bagder
Copy link
Member Author

bagder commented May 6, 2024

The draft is now in working group last call and I consider it likely that this wording is going to end up in a final version of the document.

The biggest flaw I think right now is that this change requires a debug build to be properly tested - since we want to set a fake time to be able to verify this correctly.

@bagder
Copy link
Member Author

bagder commented May 6, 2024

@danielgustafsson I brought this back for consideration

@danielgustafsson
Copy link
Member

@danielgustafsson I brought this back for consideration

Thanks! I think we should pursue this, will take it for a spin tomorrow for a review.

@danielgustafsson
Copy link
Member

It still rubs me the wrong way that we need to fudge dates with debug builds. I'm going to have one more go at creating a test which doesn't need that and if that fails we'll just go with this I reckon.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
cookies tests
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@bagder @danielgustafsson