Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Cookie max age in Java

Tags:

java

cookies

What is the difference between this:

cookie.setMaxAge(0);

and this

cookie.setMaxAge(-1);

Does first make it removed?

like image 998
Tony Avatar asked May 13 '14 11:05

Tony


3 Answers

Assuming we are talking about javax.servlet.http.Cookie

This is what Javadoc says

setMaxAge public void setMaxAge(int expiry)

Sets the maximum age in seconds for this Cookie.

A positive value indicates that the cookie will expire after that many seconds have passed. Note that the value is the maximum age when the cookie will expire, not the cookie's current age.

A negative value means that the cookie is not stored persistently and will be deleted when the Web browser exits.

A zero value causes the cookie to be deleted.

like image 103
Hirak Avatar answered Oct 24 '22 05:10

Hirak


A negative value means that the cookie is not stored persistently and will be deleted when the Web browser exits. A zero value causes the cookie to be deleted.

http://docs.oracle.com/javaee/6/api/javax/servlet/http/Cookie.html#setMaxAge%28int%29

like image 7
IsidroGH Avatar answered Oct 24 '22 06:10

IsidroGH


From RFC 6265:

If delta-seconds is less than or equal to zero (0), let expiry-time be the earliest representable date and time. Otherwise, let the expiry-time be the current date and time plus delta-seconds seconds.

Therefore, both have the cookie expire as soon as possible on a compliant user-agent.

However, in practice, negative values imply session cookies.

like image 2
nanofarad Avatar answered Oct 24 '22 06:10

nanofarad