Cookie expiration behavior 2021 R1

William_Reynolds · April 3, 2021, 9:30pm

I’m trying to use a prior successful login to a web app to create a cookie that will allow the user to auto-login back to the app if they revisit the site in the next few hours.

My interpretation of the documentation is that setting a cookie with an expiration will return an empty string once that cookie has expired.

Sample code:

Var Expire12Hours As DateTime = DateTime.Now + New DateInterval(0, 0, 0, 0, 0, 15) // Now + 15 seconds for testing
Session.Cookies.Set(“auto_login”, Session.user_id, Expire12Hours)

Then I’m using this cookie in subsequent visits to the site, but it’s always returning the stored value, and not an empty string as I’d expected when it’s expired.

If Session.Cookies.Value("auto_login") <> "" Then
  System.DebugLog("got here - cookie value: " + Session.Cookies.Value("auto_login"))
End If

…no matter how much time passes this cookie is still retrieved and still returns a non-empty string, thus bypassing the whole idea of “expired”. Thanks for any pointers!

Greg_O_Lone · April 3, 2021, 9:53pm

Make sure you close the browser window and make a new connection when you test this. Cookie info is only sent from the browser when it first connects to the app.

William_Reynolds · April 3, 2021, 10:02pm

I’ve quit the browser entirely, same results.

William_Reynolds · April 3, 2021, 10:08pm

Update: I should have mentioned that I was trying this via the IDE, on my local machine. When I deploy this to the production host machine it DOES work as expected.

William_Reynolds · April 3, 2021, 10:16pm

Update to my Update: This works in the IDE with (macOS) Safari, but NOT with Microsoft Edge. Both Edge and Safari work on deployed versions of the web app, but only Safari works on the local (IDE-driven) instances.