Forum OpenACS Q&A: Response to Cookie Expiration Recommendations

Posted by Jason Khong on
More thoughts...

According to the Netscape cookie specs (see first post): expires=DATE The expires attribute specifies a date string that defines the valid life time of that cookie. Once the expiration date has been reached, the cookie will no longer be stored or given out. ... expires is an optional attribute. If not specified, the cookie will expire when the user's session ends. So it's not possible to set a short session timeout AND expire-on-close on the cookie at the same time (referring to ad_session_id).
So that rules out the easiest thing to do :)