Cookie expiration is related with Session expiration time of server?

Question

Am setting Cookie using below code,

document.cookie = name+"="+value+ ";expires="+"domain=xyz.com;path=/";

And session expiration time set in my server is 15mins. If client is idle for 15 mins, after 15 mins, session will be destroyed. Will this destroy the value set in my Cookie?

I mean, is cookie expiration set in document.cookie related to cookie expiration set in the server?

Answer 1

I think the answer really depends on how the browser handles cookie expirations.

When the server sends the HTTP response, the client (browser) will look for any Set-Cookie headers on the response. If found, it will override the cookies stored on the browser.

Quoting from Persistent Client State HTTP Cookies:

The expires header lets the client know when it is safe to purge the mapping but the client is not required to do so. A client may also delete a cookie before it's expiration date arrives if the number of cookies exceeds its internal limits.

Also, check this:

If a CGI script wishes to delete a cookie, it can do so by returning a cookie with the same name, and an expires time which is in the past. The path and name must match exactly in order for the expiring cookie to replace the valid cookie. This requirement makes it difficult for anyone but the originator of a cookie to delete a cookie.

It means that if the web server automatically sends you a response with the Set-Cookie header, it will override the cookie you manually set.

Related:
http://www.superuser.com/questions/356265/what-do-browsers-do-with-expired-cookies
http://www.stackoverflow.com/questions/1635909/how-do-i-remove-delete-expire-a-cookie-immediately