couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "max ogden (Created) (JIRA)" <>
Subject [jira] [Created] (COUCHDB-1304) set Expires header on session cookies to make them persistent
Date Wed, 12 Oct 2011 19:41:11 GMT
set Expires header on session cookies to make them persistent

                 Key: COUCHDB-1304
             Project: CouchDB
          Issue Type: Improvement
          Components: HTTP Interface
    Affects Versions: 1.1
            Reporter: max ogden
            Priority: Minor
             Fix For: 1.1

currently couch's cookie based authentication only sets session cookies as opposed to persistent
cookies. the difference between these two is the Expires header. if it is not present most
web browsers will delete your cookie when you quit your browser, whereas if it is set then
your browser keeps the cookie around until the time specified by the Expires header.

This sucks for UX because users quit and re-launch their browser they'll have to log in again.

I am proposing that we set the Expires header in cookies to match the time in the couch_httpd_auth

p.s. this is similar to the issue I opened
but at that time I didn't realize that what I really wanted was the Expires header

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:!default.jspa
For more information on JIRA, see:


View raw message