File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

A doubt in Cookie

 
Sumit Jindal
Greenhorn
Posts: 3
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I was trying out Cookie example from Session Mgmt chapter of HSFJ.
What I did was, created a new cookie with key=username and value=xyz. I also did a setMaxAge(5*60); on that cookie object and added that in response.
After sending the response, I checked in browser(firefox 3.0) for the cookie. The cookie was present with expiry time as expected i.e 5 minutes after current time.
Now, I made a another request to some other servlet where I checked the maxAge for that old cookie (i.e "username"). Surprisingly, getMaxAge() returned -1. I realized that this can be because the browser is sending the cookie in Header as "cookie:username=xyz" which doesn't contain any info about the max age. So, it is giving the max age by default as -1 to that cookie.
What I wanted to know is, if there is any way I can find out the original maxAge of the cookie which I had set while creating it in previous response?

Hope.. my doubt is clear.

Thanks
Sumit
 
Steve Luke
Bartender
Pie
Posts: 4181
21
IntelliJ IDE Java Python
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
No, the timeout is maintained by the client side, and not shared with the server. Why do you want to get the timeout?
 
Pat Farrell
Rancher
Posts: 4660
5
Linux Mac OS X VI Editor
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Sumit Jindal:
What I wanted to know is, if there is any way I can find out the original maxAge of the cookie which I had set while creating it in previous response?


No, and more importantly:

Never trust data from the client/browser.

Never ever.

It is much better to set the cookie to a nonce value, and use the nonce as the key to a HashMap on your server/servlet side
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic