[rt-users] expiring cookies

[darren chamberlain]

* timuel <timwese at voicenet.com> [2002-04-11 13:12]:
> Is anyone aware of a (auick and dirty) way in which a cookie can be
> expired after X amount of time? We are having a problem with employees
> sharing workstations as it seems as though the cookies last forever...
> (RT 2.0.9pre4).
> 
> I`m assuming something in Web.pm or webmux.pl but I can`t find say for
> sure... perhaps:
> 
> [root at myhost rt2]# find . -exec grep -sl ookie {} \;
> ./bin/webmux.pl
> ./bin/mason_handler.fcgi
> ./bin/mason_handler.scgi
> ./lib/RT/Interface/Web.pm

My copy of webmux.pl has these lines:

    156     if ( !$cookies{'AF_SID'} ) {
    157         my $cookie = new Apache::Cookie
    158           ($r,
    159            -name=>'AF_SID',
    160            -value=>$HTML::Mason::Commands::session{_session_id},
    161            -path => '/',);
    162         $cookie->bake;
    163 
    164     }

I.e., cookies are to expire when the browser session ends.  Individual
clients might not repect this, of course.  To set an explicit expiration
time, add:

  -expires => "$time",

after line 160 (or so).  $time, in this case, is either a http-formatted
time or (more conveniently) a relative time, espressed symbolicly:

    # format for time can be in any of the forms...
    # "now" -- expire immediately
    # "+180s" -- in 180 seconds
    # "+2m" -- in 2 minutes
    # "+12h" -- in 12 hours
    # "+1d"  -- in 1 day
    # "+3M"  -- in 3 months
    # "+2y"  -- in 2 years
    # "-3m"  -- 3 minutes ago(!)
    # If you don't supply one of these forms, we assume you are
    # specifying the date yourself

(This is from CGI::Util::expires.)

So, to expire in 1 day, use +1d as the value for expires.

(darren)

-- 
My wife always warns me about all that cholesterol in the French
fries I eat. I just laugh at her, though, because I know with all
the salt I put on them, my blood pressure is high enough to push
through any clogged arteries.
    -- Dean Anderson