[ https://issues.apache.org/jira/browse/COUCHDB-1304?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robert Newson resolved COUCHDB-1304. ------------------------------------ Resolution: Fixed Fix Version/s: (was: 1.3) 1.2 Feature applied to 1.2.x and master. > set Expires header on session cookies to make them persistent > ------------------------------------------------------------- > > Key: COUCHDB-1304 > URL: https://issues.apache.org/jira/browse/COUCHDB-1304 > Project: CouchDB > Issue Type: Improvement > Components: HTTP Interface > Affects Versions: 1.1 > Reporter: max ogden > Assignee: Robert Newson > Priority: Minor > Labels: authentication, cookie > Fix For: 1.2 > > Original Estimate: 1h > Remaining Estimate: 1h > > currently couch's cookie based authentication only sets session cookies as > opposed to persistent cookies. the difference between these two is the > Expires header. if it is not present most web browsers will delete your > cookie when you quit your browser, whereas if it is set then your browser > keeps the cookie around until the time specified by the Expires header. > This sucks for UX because users quit and re-launch their browser they'll have > to log in again. > I am proposing that we set the Expires header in cookies to match the time in > the couch_httpd_auth timeout > p.s. this is similar to the issue I opened > https://issues.apache.org/jira/browse/COUCHDB-1095 but at that time I didn't > realize that what I really wanted was the Expires header -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira