Cookie Expires / Max-Age 1969-12-31T23:59:59.000Z
Have you ever noticed a cookie in Chrome Developer Tools showing a Expires / Max-Age value of
Such a cookie is known as a browser session cookie it will persist for as long as the browser is open. It is also refereed to a a browser in memory cookie (meaning that the browser doesn't persist the cookie value to disk).
Such a cookie may be preferable for security because it not written to disk. One thing to keep in mind is that the cookie could be in memory for quite some time if a user keeps their browser open for a long time.
If you omit the Expires value for a cookie, it will end up with the expiration date
1969-12-31T23:59:59.000Z in Chrome Developer Tools.
So why then does it have a value of 1969-12-31T23:59:59.000Z? Well the Unix timestamp epoch is Jan 1 1970 (the beginning of unix time), so a timestamp value of 0 is Jan 1st 1970. A value of
-1 is 1969-12-31 one second before midnight.
- Sessions don't work in Chrome but do in IE - February 6, 2019
- Firefox Aurora now Supports Content Security Policy 1.0 - May 31, 2013
- J2EE Sessions in CF10 Uses Secure Cookies - April 5, 2013
- Updating Java on ColdFusion or Lucee
- ColdFusion returning empty response with server-error: true
- Careful applying CF11u16, CF2016u8, CF2018u2
- Sessions don't work in Chrome but do in IE
- csrfVerifyToken does not invalidate the token
- The cf_sql_ is optional in cfqueryparam
- Burst Throttling on AWS API Gateway Explained