what's the deal with Cookie.setMaxAge(Integer.MAX_VALUE)?

java servlets cookies websphere

12,505

Solution 1

Problem is described in http://www-01.ibm.com/support/docview.wss?uid=swg1PM34869. Cause is a kind of millenium problem: WAS7 writes cookies date as YY, WAS6 as YYYY

Solution 2

instead of setting the max age for a cookie, this setMaxAge method adds the int parameter seconds to the current SERVER date/time and puts this new date/time value to a cookie as its expiration time. Later, when this cookie is sent to the browser, this expiration date is compared to the CLIENT date/time, and cookie gets expired if its expiration date is in past.

so instead of using setMaxAge(int) use method with the date and time.

12,505

Author by

Oleg Mikheev

Java professional with over 15 years of experience and financial applications background.

Updated on June 05, 2022

Comments

Oleg Mikheev almost 2 years
setMaxAge is supposed to control the maximum age of a cookie, so if my intention is to literally set the maximum age possible the logical thing would be doing:
```
cookie.setMaxAge(Integer.MAX_VALUE);
```
However this results in no Expires in cookie HTTP header at all, I'm testing it on a WebSphere 7. Setting it to something like 1 year measured in seconds works fine.

Why is that happening?

PS Have just tested on Tomcat7 - Integer.MAX_VALUE results in Max-Age=2147483647; Expires=Wed, 06-Mar-2080 21:30:32 GMT, so it must be something wrong with WebSphere.
Edd almost 8 years

Do you realise that you have copied and pasted text from an article written by @Oleg in order to answer the question he asked? javaworld.com/article/2073096/don-t-trust-cookie-setmaxage.h‌tml