maxAge should be in seconds not milliseconds

[allantatter]

Here it seems that maxAge is expected to be set in milliseconds but browsers expect it in seconds. Bug?

if (this.maxAge) this.expires = new Date(Date.now() + this.maxAge);

[Qantas94Heavy]

The maxAge property actually uses expires instead of the max-age parameter, presumably due to compatibility issues with old IE. The following code a few lines later will read the date object given and format the expires time correctly (supposedly):

if (this.expires ) header += "; expires=" + this.expires.toUTCString()

[dougwilson]

Hi @allantatter , our API expects the maxAge to be in milliseconds, simply because it's the de-facto unit used in JavaScript when specifying timespans. Rather than putting it in seconds and requiring users just always to second guess themselves when using the JavaScript API, we choose to use milliseconds. new Date() also expects milliseconds as the argument to the constructor.

As for it actually setting the expires instead of max-age, it is indeed for compatibility, as they end up meaning the same thing, as long as your server has the correct date/time set.