I am trying to send support ticket but its not possible.
We have problem with expect-cf cookie which is limiting our cookie time to 1 year.
We need to make sure Cloudflare removes this limitation for our cookies on our domains.
What cookie exactly are you having issues with?
I’m not aware of any
expect-cf cookie added by Cloudflare.
Cloudflare is limiting my cookies expiration date to max limit 1 year.
I need to make sure that we can add cookie time with unlimited limit.
That’s a header not a cookie. So all good.
I will create a test file so you can understand more.
The code inside looks like this:
This should make cookie to expire after 3 years, but it doesnt make cookie expire after 3 years, but after 1 year as Cloudflare is limiting the cookie expire date by max 1 year-you can test yourself.
Probably not Cloudflare… I don’t see anything about an expect-cf header having anything to do with site cookies in the documentation for that header.
More likely being enforced by the browser…
curl -Ik https://dragonorders.com/test.php HTTP/2 200 date: Fri, 02 Sep 2022 18:13:55 GMT content-type: text/html; charset=UTF-8 set-cookie: TEST=1; expires=Sun, 17-Aug-2025 18:13:55 GMT; Max-Age=93312000; path=/; domain=dragonorders.com
A 3 year cookie is returned via curl.
The user agent MUST limit the maximum value of the Max-Age attribute. The limit SHOULD NOT be greater than 400 days (34560000 seconds) in duration. The RECOMMENDED limit is 400 days in duration, but the user agent MAY adjust the limit (see Section 7.2). Max-Age attributes that are greater than the limit MUST be reduced to the limit.¶
As Chris mentioned, this is a limitation added by browsers as per specification.
Thanks a lot for your answers, do you know from which Chrome version does did cookie update apply? So we cannot include anymore cookie expiration date higher then 400 days, is there any other way?
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.