On Fri, 20 Mar 2026 17:02:45 GMT, EunHyunsu <[email protected]> wrote:
> When `expiryDate2DeltaSeconds()` fails to parse the Expires attribute against > all date formats, it returns 0. The caller in `assignMaxAgeAttribute()` then > sets `maxAge=0`, which causes `hasExpired()` to return true. Per RFC 6265 > section 5.2.1, an unparseable Expires value should be ignored, leaving > `maxAge=-1` (session cookie). > > This fix introduces a sentinel constant (`Long.MIN_VALUE`) as the return > value for parse failure, since 0 is a valid delta for dates that match the > creation time. The caller checks for this sentinel and skips the maxAge > assignment when parsing fails. > > A new test in `MaxAgeExpires` verifies that unparseable Expires values are > correctly ignored. Sorry about the force-push — I'll avoid that going forward. I've updated the copyright headers. Regarding the sentinel constant, I'll wait for @dfuch's input before making changes. ------------- PR Comment: https://git.openjdk.org/jdk/pull/30341#issuecomment-4110017942
