max-age should be specified in seconds

jakeprime · Mar 19, 2019 · aba7338 · aba7338
1 parent 7b90ada
commit aba7338
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 5 deletions.
diff --git a/README.md b/README.md
@@ -65,7 +65,7 @@ If the _value_ is omitted, an outbound header with an expired date is used to de
 
 If the _options_ object is provided, it will be used to generate the outbound cookie header as follows:
 
-* `maxAge`: a number representing the milliseconds from `Date.now()` for expiry
+* `maxAge`: a number representing the seconds from `Date.now()` for expiry
 * `expires`: a `Date` object indicating the cookie's expiration date (expires at the end of session by default).
 * `path`: a string indicating the path of the cookie (`/` by default).
 * `domain`: a string indicating the domain of the cookie (no default).

diff --git a/index.js b/index.js
@@ -162,7 +162,7 @@ Cookie.prototype.toString = function() {
 Cookie.prototype.toHeader = function() {
   var header = this.toString()
 
-  if (this.maxAge) this.expires = new Date(Date.now() + this.maxAge);
+  if (this.maxAge) this.expires = new Date(Date.now() + this.maxAge * 1000);
 
   if (this.maxAge   ) header += "; max-age=" + this.maxAge
   if (this.path     ) header += "; path=" + this.path

diff --git a/test/test.js b/test/test.js
@@ -281,7 +281,7 @@ describe('new Cookies(req, res, [options])', function () {
 
     describe('"maxAge" option', function () {
       it('should set the "expires" attribute', function (done) {
-        var maxAge = 86400000
+        var maxAge = 86400
         request(createServer(function (req, res, cookies) {
           cookies.set('foo', 'bar', { maxAge: maxAge })
           res.end()
@@ -291,15 +291,15 @@ describe('new Cookies(req, res, [options])', function () {
         .expect(shouldSetCookieWithAttribute('foo', 'expires'))
         .expect(function (res) {
           var cookie = getCookieForName(res, 'foo')
-          var expected = new Date(Date.parse(res.headers.date) + maxAge).toUTCString()
+          var expected = new Date(Date.parse(res.headers.date) + maxAge * 1000).toUTCString()
           assert.strictEqual(cookie.expires, expected)
         })
         .end(done)
       })
 
       it('should set the "maxAge" attribute', function (done) {
         request(createServer(function (req, res, cookies) {
-          cookies.set('foo', 'bar', { maxAge: 86400000 })
+          cookies.set('foo', 'bar', { maxAge: 86400 })
           res.end()
         }))
         .get('/')