Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Invalid session cookie handling when creating 100-year cookies #892

Closed
vonox7 opened this issue Jan 22, 2019 · 1 comment
Closed

Invalid session cookie handling when creating 100-year cookies #892

vonox7 opened this issue Jan 22, 2019 · 1 comment
Assignees
@cy6erGn0m
Labels
bug
Milestone
1.1.2

Comments

@vonox7
Copy link

vonox7 commented Jan 22, 2019

Ktor 1.1.1 reverts fixes that are made in #686:

If you crate a cookie with cookie.duration = Duration.ofDays((100 * 365).toLong()) a cookie without a duration (session-cookie) is created. Apparently the commit 17bb8fb which fixed another issue broke that case

I see here 2 ways to fix it:
a) throw if maxAge > Int.MAX_VALUE (so at least the error would be found immediately and not after several days of debugging)
b) move the ?.takeIf { it <= Int.MAX_VALUE } from line 31 to line 38, so line 38 would be maxAge?.takeIf { it <= Int.MAX_VALUE }?.toInt() ?: 0,
@cy6erGn0m cy6erGn0m self-assigned this Jan 22, 2019
@cy6erGn0m cy6erGn0m added the bug label Jan 22, 2019
@cy6erGn0m cy6erGn0m added this to the 1.1.2 milestone Jan 22, 2019
@cy6erGn0m
Copy link
Contributor

Other possible options would be:

  • bump maxAge to Int.MAX_VALUE since usually people simply want very very long duration and it doesn't matter what exact value it will be (for now I'll prefer it as a quick fix)
  • replace Int with Long to support larger values

cy6erGn0m pushed a commit that referenced this issue Jan 22, 2019
Bump cookie max-age value to Int.MAX_VALUE (#892)
9c51380
@cy6erGn0m cy6erGn0m mentioned this issue Jan 22, 2019
Closed
schleinzer pushed a commit to schleinzer/ktor that referenced this issue Feb 26, 2019
Bump cookie max-age value to Int.MAX_VALUE (ktorio#892)
acb52e7
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@cy6erGn0m cy6erGn0m

Labels
bug
Projects
None yet
Milestone
1.1.2
Development

No branches or pull requests
2 participants
@vonox7 @cy6erGn0m