Java Reference
In-Depth Information
Cookie Expiry Dates
Cookies are
session cookies
by default. This means that they are deleted once a browser
session is finished (when the user closes the browser tab or window). Cookies can be made
persistent
―that is, lasting beyond the browser session―by adding
"; expires=d-
ate"
to the end of the cookie when it is set, where
date
is a date value in the UTC String
format
Day, DD-Mon-YYYY HH:MM:SS GMT
. The following example sets a cookie
to expire in one day's time:
var expiryDate = new Date();
var tomorrow = expiryDate.getTime() + 1000 * 60 * 60 * 24;
expiryDate.setTime(tomorrow);
document.cookie = "name=Batman; expires=" + expiryDate.
↵
toUTCString();
An alternative is to set the
max-age
value. This takes a value in seconds, but is not sup-
ported in Internet Explorer version 9 or earlier:
document.cookie = "name=Batman; max-age=86400" // 86400
secs = 1 day
The Path and Domain of Cookies
By default, cookies can only be read by pages inside the same directory and domain as the
file was set. This is for security reasons so that access to the cookie is limited.
The path can be changed so that any page in the root directory can read the cookie. It's
done by adding
"; path=/"
to the end of the cookie when it is set:
document.cookie = "name=Batman; path=/"
It's also possible to set the domain by adding
"; domain=domainName"
to the end of
the cookie:
document.cookie = "name=Batman; domain=sitepoint.com";
