this post was submitted on 29 May 2024
26 points (100.0% liked)

Privacy

31975 readers
615 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
top 10 comments
sorted by: hot top controversial new old
[–] [email protected] 9 points 5 months ago* (last edited 5 months ago)

https://developer.chrome.com/blog/cookie-max-age-expires/

This change does not impact session cookies—cookies that do not explicitly set an expiration date with Max-Age or Expires—as these are instead cleared when the browsing session ends.

Sound like either set by server in header or it session cookie.

~~Not found for firefox yet, maybe the same.~~

Edit: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies

Permanent cookies are deleted after the date specified in the Expires attribute: or after the period specified in the Max-Age attribute:

Session cookies — cookies without a Max-age or Expires attribute – are deleted when the current session ends. The browser defines when the "current session" ends, and some browsers use session restoring when restarting. This can cause session cookies to last indefinitely.

Sound like firefox the same.

[–] [email protected] 5 points 5 months ago (1 children)

Unless something has recently changed in the standards, there is no such thing as a default cookie lifetime. If a web site creates a cookie without defining the expiration time, it is to be kept until the end of the session (i.e. when the user closes the browser).

Note that browser extensions exist that can delete cookies early under certain conditions, such as when they are from a tab that hasn't been used for an extended period of time.

[–] [email protected] 0 points 5 months ago (1 children)

Ok good to know, it does seem like there is some standard across browsers for a maximum cookie lifetime of 400 at least.

Do you have a cookie extension in specifc you would recommend?

[–] [email protected] 3 points 5 months ago* (last edited 5 months ago) (1 children)

400? Seconds or years?

Firefox has built-in cookie-deletion when you close the browser/tab, it's under settings/privacy i believe

[–] [email protected] 2 points 5 months ago
[–] [email protected] 1 points 5 months ago (1 children)

Check the firefox documentation?

[–] [email protected] 2 points 5 months ago* (last edited 5 months ago)

I did, all I found was how to define the cookielife time by yourself, not what the default value is... :<

I found this thread discussing it, they found the maximum lifespan to be around 400 days for the different browsers. However Google Docs state that it can be longer than 400 days if specified correctly. https://discourse.mozilla.org/t/cookie-maximum-lifespan/105916/5

[–] [email protected] 1 points 5 months ago (2 children)

wait, does the lifetime of cookie is decided by browser? I thought it is handled by the server and the server decided when to expire certain cookie.

[–] [email protected] 2 points 5 months ago

As far as I have understood it those are two different things; Cookie lifetime(locally on your device), as well as the servers cookie, reffered to as company/vendors retention period, e.g. how long they are allowed to keep your data for.