wsgi: Fix CORS cookie lifespan.

"expires" takes an absolute date, "max-age" takes a number of seconds until expiration. So switch to "max-age": according to Mozilla Developer Network, it is supported by all major browsers, and by IE since version 8.

wsgi: Fix CORS cookie lifespan.
"expires" takes an absolute date, "max-age" takes a number of seconds until expiration. So switch to "max-age": according to Mozilla Developer Network, it is supported by all major browsers, and by IE since version 8.
4d0641ac · Vincent Pelletier · eacf073a · 4d0641ac
Commit 4d0641ac authored Nov 25, 2020 by Vincent Pelletier
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

caucase/wsgi.py caucase/wsgi.py +1 -1

No files found.
--- a/caucase/wsgi.py
+++ b/caucase/wsgi.py
@@ -688,7 +688,7 @@ class Application(object):
    """
    cookie = SimpleCookie({self._cors_cookie_id: value})[self._cors_cookie_id]
    cookie['path'] = environ.get('SCRIPT_NAME') or '/',
-    cookie['expires'] = A_YEAR_IN_SECONDS
+    cookie['max-age'] = A_YEAR_IN_SECONDS
    # No "secure" flag: cookie is not secret, and is protected against
    # tampering on client side.
    # No "httponly" flag: cookie is protected against tampering on client side,