New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Secure Cookies: Recommendation of `Expires` vs `Max-Age`? #37640

Open

cycomachead opened this issue Jan 14, 2025 · 0 comments

Labels

Content:Security needs triage

cycomachead commented Jan 14, 2025

MDN URL

https://developer.mozilla.org/en-US/docs/Web/Security/Practical_implementation_guides/Cookies

What specific section or headline is this issue about?

Solution

What information was incorrect, unhelpful, or incomplete?

The text includes the line:

Expires is preferred unless you need to support IE < 8, in which case use Max-Age.

Given the benefits of Max-Age, should this sentence not be reversed?

What did you expect to see?

I thought Max-Age was the preferred form of setting a cookie's expiration date.

Do you have any supporting links, references, or citations?

No response

Do you have anything more you want to share?

No response

MDN metadata

Page report details

Folder: en-us/web/security/practical_implementation_guides/cookies
MDN URL: https://developer.mozilla.org/en-US/docs/Web/Security/Practical_implementation_guides/Cookies
GitHub URL: https://github.com/mdn/content/blob/main/files/en-us/web/security/practical_implementation_guides/cookies/index.md
Last commit: be3f184
Document last modified: 2024-12-17T23:24:43.000Z

The text was updated successfully, but these errors were encountered:

cycomachead added the needs triage label

github-actions bot added the Content:Security label

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment