Open garybake opened 9 years ago
Gary,
It seems as though your expectation is in line with the standard. The last cookie in wins. I'll consider this a bug and try to fix it as soon as I can.
Jeff
On Mon, Apr 27, 2015 at 6:05 AM, Gary Bake notifications@github.com wrote:
When we login to an application it sends the response with a cookie that times out after half an hour Set-Cookie:session-key=xxxx;Path=/;Expires=Mon, 04-May-2015 09:58:27 GMT;Max-Age=604800
During subsequent requests the server updates the cookie to keep moving the expire half an hour forward. Set-Cookie:session-key=xxxx;Path=/;Expires=Mon, 04-May-2015 10:00:52 GMT;Max-Age=604800 This means that the users session will expire after half an hour of inactivity.
Using siege to test the application I start getting 401 responses after half an hour, when due to requests being sent it should keep the users session active. (I use the normal login setup in .siegerc) This looks like siege is creating the cookie ok but ignoring future requests to update the timeout.
— Reply to this email directly or view it on GitHub https://github.com/JoeDog/siege/issues/9.
Thank you for the prompt response. We have worked around it at the moment by setting a large expire time on the cookie.
When we login to an application it sends the response with a cookie that times out after half an hour Set-Cookie:session-key=xxxx;Path=/;Expires=Mon, 04-May-2015 09:58:27 GMT;Max-Age=604800
During subsequent requests the server updates the cookie to keep moving the expire half an hour forward. Set-Cookie:session-key=xxxx;Path=/;Expires=Mon, 04-May-2015 10:00:52 GMT;Max-Age=604800 This means that the users session will expire after half an hour of inactivity.
Using siege to test the application I start getting 401 responses after half an hour, when due to requests being sent it should keep the users session active. (I use the normal login setup in .siegerc) This looks like siege is creating the cookie ok but ignoring future requests to update the timeout.