You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2017/03/24 04:33:21 UTC
[Bug 60908] New: Add expires parameters in Apache-issued cookies
https://bz.apache.org/bugzilla/show_bug.cgi?id=60908
Bug ID: 60908
Summary: Add expires parameters in Apache-issued cookies
Product: Apache httpd-2
Version: 2.5-HEAD
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P2
Component: Core
Assignee: bugs@httpd.apache.org
Reporter: manu@netbsd.org
Target Milestone: ---
Created attachment 34872
--> https://bz.apache.org/bugzilla/attachment.cgi?id=34872&action=edit
Add expires parameters in Apache-issued cookies
ap_cookie_write() sets a cookie with an optional max-age parameter.
Unfortunately, Microsoft Internet Explorer and Edge browsers do not support
max-age and will only consider the expires property.
The attached patch adds an expires property matching max-age, so that cookies
set with ap_cookie_write() behave the same way on all browsers.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 60908] Add expires parameters in Apache-issued cookies
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=60908
manu@netbsd.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #34872|0 |1
is patch| |
--- Comment #1 from manu@netbsd.org ---
Comment on attachment 34872
--> https://bz.apache.org/bugzilla/attachment.cgi?id=34872
Add expires parameters in Apache-issued cookies
>Index: server/util_cookies.c
>===================================================================
>--- server/util_cookies.c (revision 1788360)
>+++ server/util_cookies.c (working copy)
>@@ -35,7 +35,8 @@
> * @param val The value to place in the cookie.
> * @param attrs The string containing additional cookie attributes. If NULL, the
> * DEFAULT_ATTRS will be used.
>- * @param maxage If non zero, a Max-Age header will be added to the cookie.
>+ * @param maxage If non zero, Max-Age and derived Expires header will be
>+ added to the cookie.
> */
> AP_DECLARE(apr_status_t) ap_cookie_write(request_rec * r, const char *name, const char *val,
> const char *attrs, long maxage, ...)
>@@ -49,7 +50,12 @@
> /* handle expiry */
> buffer = "";
> if (maxage) {
>+ char expires[APR_RFC822_DATE_LEN];
>+
> buffer = apr_pstrcat(r->pool, "Max-Age=", apr_ltoa(r->pool, maxage), ";", NULL);
>+
>+ if (apr_rfc822_date(expires, apr_time_now() + apr_time_from_sec(maxage)) == APR_SUCCESS)
>+ buffer = apr_pstrcat(r->pool, buffer, "Expires=", expires, ";", NULL);
> }
>
> /* create RFC2109 compliant cookie */
>@@ -124,6 +130,7 @@
>
> /* create RFC2109 compliant cookie */
> const char *rfc2109 = apr_pstrcat(r->pool, name, "=;Max-Age=0;",
>+ "Expires=Thu, 01-Jan-1970 01:00:00 GMT;",
> attrs ? attrs : CLEAR_ATTRS, NULL);
> ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(00009) LOG_PREFIX
> "user '%s' removed cookie: '%s'", r->user, rfc2109);
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 60908] Add expires parameters in Apache-issued cookies
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=60908
manu@netbsd.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Keywords| |PatchAvailable
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org