Skip to content

Setting Max-Age=X on a cookie is completely ignored #69

Description

@oalders

Reported via email by Robert Mueller.

In this commit dacc2b7 the max-age parameter is explicitly singled out to not discard, but unfortunately it introduces a bug because now we skip the main action of:

                else {
                    push(@cur, $k => $v);
                }

Which means it never ends up in @set, and thus never ends up in %hash, which means:

        my $maxage    = delete $hash{'max-age'};

Is always undef.

So basically setting Max-Age=X on a cookie is completely ignored in the current HTTP::Cookies 6.1

Changing:

                elsif (!$first_param && lc($k) eq 'max-age') {
                    $expires++;
                }

To:

                elsif (!$first_param && lc($k) eq 'max-age') {
                    $expires++;
                    push(@cur, "Max-Age" => $v);
                }

Fixes it.

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions