when creating a cookie with
@GetMapping("getCookieUsingResponseCookie")
public ResponseEntity<?> getCookieUsingResponseCookie() {
Duration d = Duration.ofDays(7);
ResponseCookie cookie = ResponseCookie.from("LWSSO_COOKIE_KEY","123-LWSSO_COOKIE_KEY-VALUE-456")
.domain("localhost")
.httpOnly(true)
// .maxAge(1000 * 60 * 60 * 24 * 7) // a week
.maxAge(d)
// .maxAge(500) // a week
.path("/")
.secure(true)
.build();
HttpHeaders headers = new HttpHeaders();
headers.set(HttpHeaders.SET_COOKIE, cookie.toString());
System.out.println(cookie.toString());
ResponseEntity<?> response = new ResponseEntity<>(null, headers, HttpStatus.OK);
return response;
}
or even if I use
.maxAge(1000 * 60 * 60 * 24 * 7) // a week
instead of a duration the cookie looks like:
Set-Cookie: LWSSO_COOKIE_KEY=123-LWSSO_COOKIE_KEY-VALUE-456; Path=/; Domain=localhost; Max-Age=PT168H; Expires=Tue, 14 Jun 2022 22:35:02 GMT; Secure; HttpOnly
the Max-Age=PT168H seems wrong compared to other cookies or using javax.servlet.http.Cookie
Looked in the RFC but did not see anything about that format. Is this a bug?
CodePudding user response:
No, it's not a bug.
According to documentation maxAge attribute is type java.time.Duration
.
So, what you see is toString()
representation of Duration object.
Duration toString()
returns a string representation of duration using ISO-8601 seconds based representation, such as PT8H6M12.345S
.
The format of the string will be PTnHnMnS
, where n
is the relevant hours, minutes or seconds part of the duration.
Examples:
"20.345 seconds" -- "PT20.345S
"15 minutes" (15 * 60 seconds) -- "PT15M"
"10 hours" (10 * 3600 seconds) -- "PT10H"
"2 days" (2 * 86400 seconds) -- "PT48H"
So 7 days will have 7*24 hours which is 168 hours in total, which will be described using above schema as : PT168H