Skip to content

Set MaxAge in web cookie if time until expiry is > 0#58293

Merged
avatus merged 1 commit intomasterfrom
avatus/fix_set_cookie
Aug 24, 2025
Merged

Set MaxAge in web cookie if time until expiry is > 0#58293
avatus merged 1 commit intomasterfrom
avatus/fix_set_cookie

Conversation

@avatus
Copy link
Copy Markdown
Contributor

@avatus avatus commented Aug 24, 2025

This updates the logic to only setting max-age if the provided expiry is in the future rather than any non-zero value. this fixes the failing tests in e due to a time.Now() being in the past (non-zero)

@avatus
Set MaxAge in web cookie if time until expiry is > 0
a9c4d06 
This updates the logic to only setting max-age if the provided expiry is
in the future rather than any non-zero value.
@avatus avatus added the no-changelog Indicates that a PR does not require a changelog entry label Aug 24, 2025
@avatus avatus requested review from kimlisa and ryanclark August 24, 2025 18:38
@avatus avatus enabled auto-merge August 24, 2025 18:59
@avatus avatus added this pull request to the merge queue Aug 24, 2025
Merged via the queue into master with commit d085864 Aug 24, 2025
44 of 45 checks passed
@avatus avatus deleted the avatus/fix_set_cookie branch August 24, 2025 19:52
mmcallister pushed a commit that referenced this pull request Sep 22, 2025
@avatus @mmcallister
Set MaxAge in web cookie if time until expiry is > 0 (#58293)
d30c634 
This updates the logic to only setting max-age if the provided expiry is
in the future rather than any non-zero value.
avatus added a commit that referenced this pull request Nov 6, 2025
@avatus
Set MaxAge in web cookie if time until expiry is > 0 (#58293)
4ec4504 
This updates the logic to only setting max-age if the provided expiry is
in the future rather than any non-zero value.
@avatus avatus mentioned this pull request Nov 6, 2025
Merged
github-merge-queue bot pushed a commit that referenced this pull request Nov 10, 2025
@avatus
[v18] Fix frequent reauth in web UI (#61103)
96056bb 
* Set MaxAge for cookie based on WebSession expiry (#58091)

* Set MaxAge in web cookie if time until expiry is > 0 (#58293)

This updates the logic to only setting max-age if the provided expiry is
in the future rather than any non-zero value.

* Respect WebIdleTimeout in bearerTokenTTL (#59645)

The webUI will log a user out due to invalid token if they haven't
pinged the server within the idle time, which defaulted to the bearer
token default (10 minutes). Instead, we will only default to 10 minutes
if the web_idle_timeout is not configured in the cluster config
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@zmb3 zmb3 zmb3 approved these changes

@rosstimothy rosstimothy rosstimothy approved these changes

Assignees

No one assigned

Labels

no-changelog Indicates that a PR does not require a changelog entry size/sm

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@avatus @zmb3 @rosstimothy