set Expires header on session cookies to make them persistent
-------------------------------------------------------------
Key: COUCHDB-1304
URL: https://issues.apache.org/jira/browse/COUCHDB-1304
Project: CouchDB
Issue Type: Improvement
Components: HTTP Interface
Affects Versions: 1.1
Reporter: max ogden
Priority: Minor
Fix For: 1.1
currently couch's cookie based authentication only sets session cookies as
opposed to persistent cookies. the difference between these two is the Expires
header. if it is not present most web browsers will delete your cookie when you
quit your browser, whereas if it is set then your browser keeps the cookie
around until the time specified by the Expires header.
This sucks for UX because users quit and re-launch their browser they'll have
to log in again.
I am proposing that we set the Expires header in cookies to match the time in
the couch_httpd_auth timeout
p.s. this is similar to the issue I opened
https://issues.apache.org/jira/browse/COUCHDB-1095 but at that time I didn't
realize that what I really wanted was the Expires header
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
