> When `expiryDate2DeltaSeconds()` fails to parse the Expires attribute against > all date formats, it returns 0. The caller in `assignMaxAgeAttribute()` then > sets `maxAge=0`, which causes `hasExpired()` to return true. Per RFC 6265 > section 5.2.1, an unparseable Expires value should be ignored, leaving > `maxAge=-1` (session cookie). > > This fix introduces a sentinel constant (`Long.MIN_VALUE`) as the return > value for parse failure, since 0 is a valid delta for dates that match the > creation time. The caller checks for this sentinel and skips the maxAge > assignment when parsing fails. > > A new test in `MaxAgeExpires` verifies that unparseable Expires values are > correctly ignored.
EunHyunsu has refreshed the contents of this pull request, and previous commits have been removed. The incremental views will show differences compared to the previous content of the PR. The pull request contains one new commit since the last revision: 8380549: HttpCookie.expiryDate2DeltaSeconds returns 0 on parse failure, causing immediate cookie expiration ------------- Changes: - all: https://git.openjdk.org/jdk/pull/30341/files - new: https://git.openjdk.org/jdk/pull/30341/files/bd9a80e6..40aef20d Webrevs: - full: https://webrevs.openjdk.org/?repo=jdk&pr=30341&range=01 - incr: https://webrevs.openjdk.org/?repo=jdk&pr=30341&range=00-01 Stats: 2 lines in 2 files changed: 0 ins; 0 del; 2 mod Patch: https://git.openjdk.org/jdk/pull/30341.diff Fetch: git fetch https://git.openjdk.org/jdk.git pull/30341/head:pull/30341 PR: https://git.openjdk.org/jdk/pull/30341
