By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
448,805 Members | 1,640 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 448,805 IT Pros & Developers. It's quick & easy.

COOKIE EXPIRATION TIME

P: n/a
Hi,

(newbie question)

I've created some simple .NET ASP application that should store cookies at the client machine.

According to the documentation cookie expiration time is set via HttpCookie.Expires property, but property value is the time of day on the client.

How can I possibly know client local time ?
Thanks in advance !!!

Nov 18 '05 #1
Share this Question
Share on Google+
15 Replies


P: n/a
Haven't used it in a while, but you typically set expirations on a sliding
scale, not an absolute date/time. For example, 30 days from the date/time
the cookie was first written.
"Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message
news:91**********************************@microsof t.com...
Hi,

(newbie question)

I've created some simple .NET ASP application that should store cookies at the client machine.
According to the documentation cookie expiration time is set via HttpCookie.Expires property, but property value is the time of day on the
client.
How can I possibly know client local time ?
Thanks in advance !!!

Nov 18 '05 #2

P: n/a
Scott

I wish to beleive you're right, that's been my approach until I've read the documentation carefully :-)
But I still would like to be sure about what I'm doing.

Thanks

"Scott M." wrote:
Haven't used it in a while, but you typically set expirations on a sliding
scale, not an absolute date/time. For example, 30 days from the date/time
the cookie was first written.
"Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message
news:91**********************************@microsof t.com...
Hi,

(newbie question)

I've created some simple .NET ASP application that should store cookies at

the client machine.

According to the documentation cookie expiration time is set via

HttpCookie.Expires property, but property value is the time of day on the
client.

How can I possibly know client local time ?
Thanks in advance !!!


Nov 18 '05 #3

P: n/a
Oleg,

You could use a javascript to enter the client's time into a hidden form
field.

Of course this information would then have to be posted back before setting
the cookie...

Something like this:

<script language="Javascript">
<!--
document.Form1.myHiddenField.value = new Date()
//-->
</script>

--
Sincerely,

S. Justin Gengo, MCP
Web Developer / Programmer

www.aboutfortunate.com

"Out of chaos comes order."
Nietzsche
"Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message
news:91**********************************@microsof t.com...
Hi,

(newbie question)

I've created some simple .NET ASP application that should store cookies at the client machine.
According to the documentation cookie expiration time is set via HttpCookie.Expires property, but property value is the time of day on the
client.
How can I possibly know client local time ?
Thanks in advance !!!

Nov 18 '05 #4

P: n/a
Here you go Oleg:

Example
The following example sets the expiration time of the cookie to 10 minutes
from the current time.

[Visual Basic]
Dim dt As DateTime = DateTime.Now()
Dim ts As New TimeSpan(0,0,10,0)

MyCookie.Expires = dt.Add(ts)"Oleg Leikin"
<Ol********@discussions.microsoft.com> wrote in message
news:BE**********************************@microsof t.com...
Scott

I wish to beleive you're right, that's been my approach until I've read the documentation carefully :-) But I still would like to be sure about what I'm doing.

Thanks

"Scott M." wrote:
Haven't used it in a while, but you typically set expirations on a sliding scale, not an absolute date/time. For example, 30 days from the date/time the cookie was first written.
"Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message
news:91**********************************@microsof t.com...
Hi,

(newbie question)

I've created some simple .NET ASP application that should store
cookies at the client machine.

According to the documentation cookie expiration time is set via

HttpCookie.Expires property, but property value is the time of day on the client.

How can I possibly know client local time ?
Thanks in advance !!!


Nov 18 '05 #5

P: n/a
Justin,

do u mean that cookie expiration time is an absolute value ?

Oleg

"S. Justin Gengo" wrote:
Oleg,

You could use a javascript to enter the client's time into a hidden form
field.

Of course this information would then have to be posted back before setting
the cookie...

Something like this:

<script language="Javascript">
<!--
document.Form1.myHiddenField.value = new Date()
//-->
</script>

--
Sincerely,

S. Justin Gengo, MCP
Web Developer / Programmer

www.aboutfortunate.com

"Out of chaos comes order."
Nietzsche
"Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message
news:91**********************************@microsof t.com...
Hi,

(newbie question)

I've created some simple .NET ASP application that should store cookies at

the client machine.

According to the documentation cookie expiration time is set via

HttpCookie.Expires property, but property value is the time of day on the
client.

How can I possibly know client local time ?
Thanks in advance !!!


Nov 18 '05 #6

P: n/a
Yes,

If you're able to get a value back from the client you could trust that you
would know exactly when the cookie would expire.

Of course this solution counts on the client having javascript enabled.

--
Sincerely,

S. Justin Gengo, MCP
Web Developer / Programmer

www.aboutfortunate.com

"Out of chaos comes order."
Nietzsche
"Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message
news:EA**********************************@microsof t.com...
Justin,

do u mean that cookie expiration time is an absolute value ?

Oleg

"S. Justin Gengo" wrote:
Oleg,

You could use a javascript to enter the client's time into a hidden form
field.

Of course this information would then have to be posted back before setting the cookie...

Something like this:

<script language="Javascript">
<!--
document.Form1.myHiddenField.value = new Date()
//-->
</script>

--
Sincerely,

S. Justin Gengo, MCP
Web Developer / Programmer

www.aboutfortunate.com

"Out of chaos comes order."
Nietzsche
"Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message
news:91**********************************@microsof t.com...
Hi,

(newbie question)

I've created some simple .NET ASP application that should store
cookies at the client machine.

According to the documentation cookie expiration time is set via

HttpCookie.Expires property, but property value is the time of day on the client.

How can I possibly know client local time ?
Thanks in advance !!!


Nov 18 '05 #7

P: n/a
Actually my application involves Java Applet tah's embedded at one of ASPXs, so it could supply the local time... But I'm still wondering how other people handle this issue without java script.

Oleg
"S. Justin Gengo" wrote:
Yes,

If you're able to get a value back from the client you could trust that you
would know exactly when the cookie would expire.

Of course this solution counts on the client having javascript enabled.

--
Sincerely,

S. Justin Gengo, MCP
Web Developer / Programmer

www.aboutfortunate.com

"Out of chaos comes order."
Nietzsche
"Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message
news:EA**********************************@microsof t.com...
Justin,

do u mean that cookie expiration time is an absolute value ?

Oleg

"S. Justin Gengo" wrote:
Oleg,

You could use a javascript to enter the client's time into a hidden form
field.

Of course this information would then have to be posted back before setting the cookie...

Something like this:

<script language="Javascript">
<!--
document.Form1.myHiddenField.value = new Date()
//-->
</script>

--
Sincerely,

S. Justin Gengo, MCP
Web Developer / Programmer

www.aboutfortunate.com

"Out of chaos comes order."
Nietzsche
"Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message
news:91**********************************@microsof t.com...
> Hi,
>
> (newbie question)
>
> I've created some simple .NET ASP application that should store cookies at the client machine.
>
> According to the documentation cookie expiration time is set via
HttpCookie.Expires property, but property value is the time of day on the client.
>
> How can I possibly know client local time ?
>
>
> Thanks in advance !!!
>


Nov 18 '05 #8

P: n/a
Here you go Oleg:

Example
The following example sets the expiration time of the cookie to 10 minutes
from the current time.

[Visual Basic]
Dim dt As DateTime = DateTime.Now()
Dim ts As New TimeSpan(0,0,10,0)
"Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message
news:8A**********************************@microsof t.com...
Actually my application involves Java Applet tah's embedded at one of ASPXs, so it could supply the local time... But I'm still wondering how
other people handle this issue without java script.
Oleg
"S. Justin Gengo" wrote:
Yes,

If you're able to get a value back from the client you could trust that you would know exactly when the cookie would expire.

Of course this solution counts on the client having javascript enabled.

--
Sincerely,

S. Justin Gengo, MCP
Web Developer / Programmer

www.aboutfortunate.com

"Out of chaos comes order."
Nietzsche
"Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message
news:EA**********************************@microsof t.com...
Justin,

do u mean that cookie expiration time is an absolute value ?

Oleg

"S. Justin Gengo" wrote:

> Oleg,
>
> You could use a javascript to enter the client's time into a hidden form > field.
>
> Of course this information would then have to be posted back before

setting
> the cookie...
>
> Something like this:
>
> <script language="Javascript">
> <!--
> document.Form1.myHiddenField.value = new Date()
> //-->
> </script>
>
> --
> Sincerely,
>
> S. Justin Gengo, MCP
> Web Developer / Programmer
>
> www.aboutfortunate.com
>
> "Out of chaos comes order."
> Nietzsche
> "Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message > news:91**********************************@microsof t.com...
> > Hi,
> >
> > (newbie question)
> >
> > I've created some simple .NET ASP application that should store

cookies at
> the client machine.
> >
> > According to the documentation cookie expiration time is set via
> HttpCookie.Expires property, but property value is the time of day
on the
> client.
> >
> > How can I possibly know client local time ?
> >
> >
> > Thanks in advance !!!
> >
>
>
>


Nov 18 '05 #9

P: n/a
If you intend to read/write cookies from the server-side, then this is the
price you pay. You certainly can do it client-side or capture the local
time client-side and send it to the server as a hidden form field. Either
way, cookie expirations are not set absolutely, they are set based on a
timespan.


"Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message
news:D0**********************************@microsof t.com...
Thanks Scott, I'm familiar with the syntax, but suppose that your server runs at US and the client at Siberia, so when the cookie will reach the
recipient his browser will simply discard it.
Oleg

"Scott M." wrote:
Here you go Oleg:

Example
The following example sets the expiration time of the cookie to 10 minutes from the current time.

[Visual Basic]
Dim dt As DateTime = DateTime.Now()
Dim ts As New TimeSpan(0,0,10,0)
"Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message
news:8A**********************************@microsof t.com...
Actually my application involves Java Applet tah's embedded at one of

ASPXs, so it could supply the local time... But I'm still wondering how
other people handle this issue without java script.

Oleg
"S. Justin Gengo" wrote:

> Yes,
>
> If you're able to get a value back from the client you could trust that
you
> would know exactly when the cookie would expire.
>
> Of course this solution counts on the client having javascript
enabled. >
> --
> Sincerely,
>
> S. Justin Gengo, MCP
> Web Developer / Programmer
>
> www.aboutfortunate.com
>
> "Out of chaos comes order."
> Nietzsche
> "Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message > news:EA**********************************@microsof t.com...
> > Justin,
> >
> > do u mean that cookie expiration time is an absolute value ?
> >
> > Oleg
> >
> >
> >
> > "S. Justin Gengo" wrote:
> >
> > > Oleg,
> > >
> > > You could use a javascript to enter the client's time into a hidden form
> > > field.
> > >
> > > Of course this information would then have to be posted back
before > setting
> > > the cookie...
> > >
> > > Something like this:
> > >
> > > <script language="Javascript">
> > > <!--
> > > document.Form1.myHiddenField.value = new Date()
> > > //-->
> > > </script>
> > >
> > > --
> > > Sincerely,
> > >
> > > S. Justin Gengo, MCP
> > > Web Developer / Programmer
> > >
> > > www.aboutfortunate.com
> > >
> > > "Out of chaos comes order."
> > > Nietzsche
> > > "Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in

message
> > > news:91**********************************@microsof t.com...
> > > > Hi,
> > > >
> > > > (newbie question)
> > > >
> > > > I've created some simple .NET ASP application that should store > cookies at
> > > the client machine.
> > > >
> > > > According to the documentation cookie expiration time is set via > > > HttpCookie.Expires property, but property value is the time of

day on
> the
> > > client.
> > > >
> > > > How can I possibly know client local time ?
> > > >
> > > >
> > > > Thanks in advance !!!
> > > >
> > >
> > >
> > >
>
>
>


Nov 18 '05 #10

P: n/a
Scott,

I'm still curious who's right: you or MS documentation :-) The documentation for HttpCookie.Expires Property says "The time of day (on the client) at which the cookie expires." - sounds like an absolute value...
On other hand maybe some lower .NET level translates this absolute value to time span (but still it should know the local time) or the browser does the translation ? Or maybe according to the cookie standard this value is always relative ?

Oleg

"Scott M." wrote:
If you intend to read/write cookies from the server-side, then this is the
price you pay. You certainly can do it client-side or capture the local
time client-side and send it to the server as a hidden form field. Either
way, cookie expirations are not set absolutely, they are set based on a
timespan.


"Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message
news:D0**********************************@microsof t.com...
Thanks Scott, I'm familiar with the syntax, but suppose that your server

runs at US and the client at Siberia, so when the cookie will reach the
recipient his browser will simply discard it.

Oleg

"Scott M." wrote:
Here you go Oleg:

Example
The following example sets the expiration time of the cookie to 10 minutes from the current time.

[Visual Basic]
Dim dt As DateTime = DateTime.Now()
Dim ts As New TimeSpan(0,0,10,0)
"Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message
news:8A**********************************@microsof t.com...
> Actually my application involves Java Applet tah's embedded at one of
ASPXs, so it could supply the local time... But I'm still wondering how
other people handle this issue without java script.
>
> Oleg
>
>
> "S. Justin Gengo" wrote:
>
> > Yes,
> >
> > If you're able to get a value back from the client you could trust that you
> > would know exactly when the cookie would expire.
> >
> > Of course this solution counts on the client having javascript enabled. > >
> > --
> > Sincerely,
> >
> > S. Justin Gengo, MCP
> > Web Developer / Programmer
> >
> > www.aboutfortunate.com
> >
> > "Out of chaos comes order."
> > Nietzsche
> > "Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message > > news:EA**********************************@microsof t.com...
> > > Justin,
> > >
> > > do u mean that cookie expiration time is an absolute value ?
> > >
> > > Oleg
> > >
> > >
> > >
> > > "S. Justin Gengo" wrote:
> > >
> > > > Oleg,
> > > >
> > > > You could use a javascript to enter the client's time into a hidden form
> > > > field.
> > > >
> > > > Of course this information would then have to be posted back before > > setting
> > > > the cookie...
> > > >
> > > > Something like this:
> > > >
> > > > <script language="Javascript">
> > > > <!--
> > > > document.Form1.myHiddenField.value = new Date()
> > > > //-->
> > > > </script>
> > > >
> > > > --
> > > > Sincerely,
> > > >
> > > > S. Justin Gengo, MCP
> > > > Web Developer / Programmer
> > > >
> > > > www.aboutfortunate.com
> > > >
> > > > "Out of chaos comes order."
> > > > Nietzsche
> > > > "Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in
message
> > > > news:91**********************************@microsof t.com...
> > > > > Hi,
> > > > >
> > > > > (newbie question)
> > > > >
> > > > > I've created some simple .NET ASP application that should store > > cookies at
> > > > the client machine.
> > > > >
> > > > > According to the documentation cookie expiration time is set via > > > > HttpCookie.Expires property, but property value is the time of day on
> > the
> > > > client.
> > > > >
> > > > > How can I possibly know client local time ?
> > > > >
> > > > >
> > > > > Thanks in advance !!!
> > > > >
> > > >
> > > >
> > > >
> >
> >
> >


Nov 18 '05 #11

P: n/a
The definition you gave is correct, you do specify a time that the cookie
will expires on the client. You just don't set it absolutely that's all.
30 days from today produces a time just as well as 12/31/05 does.

The code I gave you comes directly from the MSDN help on the Expires
property of the HttpCookie class.

Sliding expirations have always been the way cookies have worked. Imagine
setting an absolute date/time and having a new user come to the page 5
seconds before that time!
"Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message
news:53**********************************@microsof t.com...
Scott,

I'm still curious who's right: you or MS documentation :-) The documentation for HttpCookie.Expires Property says "The time of day (on the
client) at which the cookie expires." - sounds like an absolute value... On other hand maybe some lower .NET level translates this absolute value to time span (but still it should know the local time) or the browser does
the translation ? Or maybe according to the cookie standard this value is
always relative ?
Oleg

"Scott M." wrote:
If you intend to read/write cookies from the server-side, then this is the price you pay. You certainly can do it client-side or capture the local
time client-side and send it to the server as a hidden form field. Either way, cookie expirations are not set absolutely, they are set based on a
timespan.


"Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message
news:D0**********************************@microsof t.com...
Thanks Scott, I'm familiar with the syntax, but suppose that your server
runs at US and the client at Siberia, so when the cookie will reach the
recipient his browser will simply discard it.

Oleg

"Scott M." wrote:

> Here you go Oleg:
>
> Example
> The following example sets the expiration time of the cookie to 10

minutes
> from the current time.
>
> [Visual Basic]
> Dim dt As DateTime = DateTime.Now()
> Dim ts As New TimeSpan(0,0,10,0)
>
>
> "Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in
message > news:8A**********************************@microsof t.com...
> > Actually my application involves Java Applet tah's embedded at one of > ASPXs, so it could supply the local time... But I'm still wondering how > other people handle this issue without java script.
> >
> > Oleg
> >
> >
> > "S. Justin Gengo" wrote:
> >
> > > Yes,
> > >
> > > If you're able to get a value back from the client you could trust that
> you
> > > would know exactly when the cookie would expire.
> > >
> > > Of course this solution counts on the client having javascript

enabled.
> > >
> > > --
> > > Sincerely,
> > >
> > > S. Justin Gengo, MCP
> > > Web Developer / Programmer
> > >
> > > www.aboutfortunate.com
> > >
> > > "Out of chaos comes order."
> > > Nietzsche
> > > "Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in

message
> > > news:EA**********************************@microsof t.com...
> > > > Justin,
> > > >
> > > > do u mean that cookie expiration time is an absolute value ?
> > > >
> > > > Oleg
> > > >
> > > >
> > > >
> > > > "S. Justin Gengo" wrote:
> > > >
> > > > > Oleg,
> > > > >
> > > > > You could use a javascript to enter the client's time into a

hidden
> form
> > > > > field.
> > > > >
> > > > > Of course this information would then have to be posted back

before
> > > setting
> > > > > the cookie...
> > > > >
> > > > > Something like this:
> > > > >
> > > > > <script language="Javascript">
> > > > > <!--
> > > > > document.Form1.myHiddenField.value = new Date()
> > > > > //-->
> > > > > </script>
> > > > >
> > > > > --
> > > > > Sincerely,
> > > > >
> > > > > S. Justin Gengo, MCP
> > > > > Web Developer / Programmer
> > > > >
> > > > > www.aboutfortunate.com
> > > > >
> > > > > "Out of chaos comes order."
> > > > > Nietzsche
> > > > > "Oleg Leikin" <Ol********@discussions.microsoft.com> wrote
in > message
> > > > > news:91**********************************@microsof t.com...
> > > > > > Hi,
> > > > > >
> > > > > > (newbie question)
> > > > > >
> > > > > > I've created some simple .NET ASP application that should

store
> > > cookies at
> > > > > the client machine.
> > > > > >
> > > > > > According to the documentation cookie expiration time is

set via
> > > > > HttpCookie.Expires property, but property value is the time
of day
> on
> > > the
> > > > > client.
> > > > > >
> > > > > > How can I possibly know client local time ?
> > > > > >
> > > > > >
> > > > > > Thanks in advance !!!
> > > > > >
> > > > >
> > > > >
> > > > >
> > >
> > >
> > >
>
>
>


Nov 18 '05 #12

P: n/a
Quotation from some other MS article:
"The expiration date is set by using the format expires=<date>, where <date> is the expiration date in Greenwich Mean Time (GMT)."

I think this is the key: all communication participants (the server and the clients) handle the time of one and the only one time zone (GMT).

So the only question is if .NET converts the server local time value to GMT by adding/subtracting the difference beetwen GMT and the server location or I should handle this by myself ?

Oleg

"Scott M." wrote:
The definition you gave is correct, you do specify a time that the cookie
will expires on the client. You just don't set it absolutely that's all.
30 days from today produces a time just as well as 12/31/05 does.

The code I gave you comes directly from the MSDN help on the Expires
property of the HttpCookie class.

Sliding expirations have always been the way cookies have worked. Imagine
setting an absolute date/time and having a new user come to the page 5
seconds before that time!
"Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message
news:53**********************************@microsof t.com...
Scott,

I'm still curious who's right: you or MS documentation :-) The

documentation for HttpCookie.Expires Property says "The time of day (on the
client) at which the cookie expires." - sounds like an absolute value...
On other hand maybe some lower .NET level translates this absolute value

to time span (but still it should know the local time) or the browser does
the translation ? Or maybe according to the cookie standard this value is
always relative ?

Oleg

"Scott M." wrote:
If you intend to read/write cookies from the server-side, then this is the price you pay. You certainly can do it client-side or capture the local
time client-side and send it to the server as a hidden form field. Either way, cookie expirations are not set absolutely, they are set based on a
timespan.


"Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message
news:D0**********************************@microsof t.com...
> Thanks Scott, I'm familiar with the syntax, but suppose that your server runs at US and the client at Siberia, so when the cookie will reach the
recipient his browser will simply discard it.
>
> Oleg
>
> "Scott M." wrote:
>
> > Here you go Oleg:
> >
> > Example
> > The following example sets the expiration time of the cookie to 10
minutes
> > from the current time.
> >
> > [Visual Basic]
> > Dim dt As DateTime = DateTime.Now()
> > Dim ts As New TimeSpan(0,0,10,0)
> >
> >
> > "Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message > > news:8A**********************************@microsof t.com...
> > > Actually my application involves Java Applet tah's embedded at one of > > ASPXs, so it could supply the local time... But I'm still wondering how > > other people handle this issue without java script.
> > >
> > > Oleg
> > >
> > >
> > > "S. Justin Gengo" wrote:
> > >
> > > > Yes,
> > > >
> > > > If you're able to get a value back from the client you could trust that
> > you
> > > > would know exactly when the cookie would expire.
> > > >
> > > > Of course this solution counts on the client having javascript
enabled.
> > > >
> > > > --
> > > > Sincerely,
> > > >
> > > > S. Justin Gengo, MCP
> > > > Web Developer / Programmer
> > > >
> > > > www.aboutfortunate.com
> > > >
> > > > "Out of chaos comes order."
> > > > Nietzsche
> > > > "Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in
message
> > > > news:EA**********************************@microsof t.com...
> > > > > Justin,
> > > > >
> > > > > do u mean that cookie expiration time is an absolute value ?
> > > > >
> > > > > Oleg
> > > > >
> > > > >
> > > > >
> > > > > "S. Justin Gengo" wrote:
> > > > >
> > > > > > Oleg,
> > > > > >
> > > > > > You could use a javascript to enter the client's time into a
hidden
> > form
> > > > > > field.
> > > > > >
> > > > > > Of course this information would then have to be posted back
before
> > > > setting
> > > > > > the cookie...
> > > > > >
> > > > > > Something like this:
> > > > > >
> > > > > > <script language="Javascript">
> > > > > > <!--
> > > > > > document.Form1.myHiddenField.value = new Date()
> > > > > > //-->
> > > > > > </script>
> > > > > >
> > > > > > --
> > > > > > Sincerely,
> > > > > >
> > > > > > S. Justin Gengo, MCP
> > > > > > Web Developer / Programmer
> > > > > >
> > > > > > www.aboutfortunate.com
> > > > > >
> > > > > > "Out of chaos comes order."
> > > > > > Nietzsche
> > > > > > "Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in > > message
> > > > > > news:91**********************************@microsof t.com...
> > > > > > > Hi,
> > > > > > >
> > > > > > > (newbie question)
> > > > > > >
> > > > > > > I've created some simple .NET ASP application that should
store
> > > > cookies at
> > > > > > the client machine.
> > > > > > >
> > > > > > > According to the documentation cookie expiration time is set via
> > > > > > HttpCookie.Expires property, but property value is the time of day
> > on
> > > > the
> > > > > > client.
> > > > > > >
> > > > > > > How can I possibly know client local time ?
> > > > > > >
> > > > > > >
> > > > > > > Thanks in advance !!!
> > > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > >
> > > >
> > > >
> >
> >
> >


Nov 18 '05 #13

P: n/a
Oleg, again, you are getting too hung up on the words and not seeing the big
picture. It may be built into the expires property to treat the date
entered as GMT, but (again) 30 days from now can be expressed as GMT just as
well as 12/31/05 can. The expires property requires a date value, period.
That date value *can* be absolute, but it would make no practical sense to
do this (unless your site was going out of business on a particular date!).

Don't worry about GMT. Why does it matter? If I come to your site and you
place a cookie on my machine that is set to expire at: Now.AddDays(30), the
cookie will be valid for the next 30 days (from the server's clock). Sure,
you may have a few hours of difference depending on where the clients are
actually located (and, while I haven't used it, you might try:
Now.ToUniversalTime.AddDays(nn), rather than just Now.AddDays(nn)).

Think about this, if we set our expires property to absolute expirations,
then no matter how often a user might visit our site, their cookie *will*
become invalid on a particular date, even though the user might have been
using the site just the day before. And then, we (the developer) would have
to get into the habit of changing our code after each time that the
expiration date had passed (not very practical).

Trust me, sliding expirations are how it is done. You are just getting a
bit hung up on the verbiage of the documentation.

"Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message
news:B4**********************************@microsof t.com...
Quotation from some other MS article:
"The expiration date is set by using the format expires=<date>, where <date> is the expiration date in Greenwich Mean Time (GMT)."
I think this is the key: all communication participants (the server and the clients) handle the time of one and the only one time zone (GMT).
So the only question is if .NET converts the server local time value to GMT by adding/subtracting the difference beetwen GMT and the server location
or I should handle this by myself ?
Oleg

"Scott M." wrote:
The definition you gave is correct, you do specify a time that the cookie will expires on the client. You just don't set it absolutely that's all. 30 days from today produces a time just as well as 12/31/05 does.

The code I gave you comes directly from the MSDN help on the Expires
property of the HttpCookie class.

Sliding expirations have always been the way cookies have worked. Imagine setting an absolute date/time and having a new user come to the page 5
seconds before that time!
"Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message
news:53**********************************@microsof t.com...
Scott,

I'm still curious who's right: you or MS documentation :-) The

documentation for HttpCookie.Expires Property says "The time of day (on the client) at which the cookie expires." - sounds like an absolute value...
On other hand maybe some lower .NET level translates this absolute value
to time span (but still it should know the local time) or the browser does the translation ? Or maybe according to the cookie standard this value is always relative ?

Oleg

"Scott M." wrote:

> If you intend to read/write cookies from the server-side, then this
is the
> price you pay. You certainly can do it client-side or capture the
local > time client-side and send it to the server as a hidden form field.

Either
> way, cookie expirations are not set absolutely, they are set based on a > timespan.
>
>
>
>
> "Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message > news:D0**********************************@microsof t.com...
> > Thanks Scott, I'm familiar with the syntax, but suppose that your

server
> runs at US and the client at Siberia, so when the cookie will reach the > recipient his browser will simply discard it.
> >
> > Oleg
> >
> > "Scott M." wrote:
> >
> > > Here you go Oleg:
> > >
> > > Example
> > > The following example sets the expiration time of the cookie to 10 > minutes
> > > from the current time.
> > >
> > > [Visual Basic]
> > > Dim dt As DateTime = DateTime.Now()
> > > Dim ts As New TimeSpan(0,0,10,0)
> > >
> > >
> > > "Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in

message
> > > news:8A**********************************@microsof t.com...
> > > > Actually my application involves Java Applet tah's embedded at one of
> > > ASPXs, so it could supply the local time... But I'm still
wondering how
> > > other people handle this issue without java script.
> > > >
> > > > Oleg
> > > >
> > > >
> > > > "S. Justin Gengo" wrote:
> > > >
> > > > > Yes,
> > > > >
> > > > > If you're able to get a value back from the client you could

trust
> that
> > > you
> > > > > would know exactly when the cookie would expire.
> > > > >
> > > > > Of course this solution counts on the client having
javascript > enabled.
> > > > >
> > > > > --
> > > > > Sincerely,
> > > > >
> > > > > S. Justin Gengo, MCP
> > > > > Web Developer / Programmer
> > > > >
> > > > > www.aboutfortunate.com
> > > > >
> > > > > "Out of chaos comes order."
> > > > > Nietzsche
> > > > > "Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in > message
> > > > > news:EA**********************************@microsof t.com...
> > > > > > Justin,
> > > > > >
> > > > > > do u mean that cookie expiration time is an absolute value ? > > > > > >
> > > > > > Oleg
> > > > > >
> > > > > >
> > > > > >
> > > > > > "S. Justin Gengo" wrote:
> > > > > >
> > > > > > > Oleg,
> > > > > > >
> > > > > > > You could use a javascript to enter the client's time into a > hidden
> > > form
> > > > > > > field.
> > > > > > >
> > > > > > > Of course this information would then have to be posted back > before
> > > > > setting
> > > > > > > the cookie...
> > > > > > >
> > > > > > > Something like this:
> > > > > > >
> > > > > > > <script language="Javascript">
> > > > > > > <!--
> > > > > > > document.Form1.myHiddenField.value = new Date()
> > > > > > > //-->
> > > > > > > </script>
> > > > > > >
> > > > > > > --
> > > > > > > Sincerely,
> > > > > > >
> > > > > > > S. Justin Gengo, MCP
> > > > > > > Web Developer / Programmer
> > > > > > >
> > > > > > > www.aboutfortunate.com
> > > > > > >
> > > > > > > "Out of chaos comes order."
> > > > > > > Nietzsche
> > > > > > > "Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in
> > > message
> > > > > > >
news:91**********************************@microsof t.com... > > > > > > > > Hi,
> > > > > > > >
> > > > > > > > (newbie question)
> > > > > > > >
> > > > > > > > I've created some simple .NET ASP application that should > store
> > > > > cookies at
> > > > > > > the client machine.
> > > > > > > >
> > > > > > > > According to the documentation cookie expiration time

is set
> via
> > > > > > > HttpCookie.Expires property, but property value is the
time of
> day
> > > on
> > > > > the
> > > > > > > client.
> > > > > > > >
> > > > > > > > How can I possibly know client local time ?
> > > > > > > >
> > > > > > > >
> > > > > > > > Thanks in advance !!!
> > > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > >
> > > > >
> > > > >
> > >
> > >
> > >
>
>
>


Nov 18 '05 #14

P: n/a
Scott,

our application is some kind of single signon service, so the cookies we use should have pretty short lifetime in order to let the user to enter some protected content at any point all over the world and then to expire. I'm talking "in seconds or minutes", so GMT time difference is pretty critical.

My approach was in relative time terms until some suspicions had waken up :-)

Tnanks for all !!!

"Scott M." wrote:
Oleg, again, you are getting too hung up on the words and not seeing the big
picture. It may be built into the expires property to treat the date
entered as GMT, but (again) 30 days from now can be expressed as GMT just as
well as 12/31/05 can. The expires property requires a date value, period.
That date value *can* be absolute, but it would make no practical sense to
do this (unless your site was going out of business on a particular date!).

Don't worry about GMT. Why does it matter? If I come to your site and you
place a cookie on my machine that is set to expire at: Now.AddDays(30), the
cookie will be valid for the next 30 days (from the server's clock). Sure,
you may have a few hours of difference depending on where the clients are
actually located (and, while I haven't used it, you might try:
Now.ToUniversalTime.AddDays(nn), rather than just Now.AddDays(nn)).

Think about this, if we set our expires property to absolute expirations,
then no matter how often a user might visit our site, their cookie *will*
become invalid on a particular date, even though the user might have been
using the site just the day before. And then, we (the developer) would have
to get into the habit of changing our code after each time that the
expiration date had passed (not very practical).

Trust me, sliding expirations are how it is done. You are just getting a
bit hung up on the verbiage of the documentation.

"Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message
news:B4**********************************@microsof t.com...
Quotation from some other MS article:
"The expiration date is set by using the format expires=<date>, where

<date> is the expiration date in Greenwich Mean Time (GMT)."

I think this is the key: all communication participants (the server and

the clients) handle the time of one and the only one time zone (GMT).

So the only question is if .NET converts the server local time value to

GMT by adding/subtracting the difference beetwen GMT and the server location
or I should handle this by myself ?

Oleg

"Scott M." wrote:
The definition you gave is correct, you do specify a time that the cookie will expires on the client. You just don't set it absolutely that's all. 30 days from today produces a time just as well as 12/31/05 does.

The code I gave you comes directly from the MSDN help on the Expires
property of the HttpCookie class.

Sliding expirations have always been the way cookies have worked. Imagine setting an absolute date/time and having a new user come to the page 5
seconds before that time!
"Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message
news:53**********************************@microsof t.com...
> Scott,
>
> I'm still curious who's right: you or MS documentation :-) The
documentation for HttpCookie.Expires Property says "The time of day (on the client) at which the cookie expires." - sounds like an absolute value...
> On other hand maybe some lower .NET level translates this absolute value to time span (but still it should know the local time) or the browser does the translation ? Or maybe according to the cookie standard this value is always relative ?
>
> Oleg
>
>
>
> "Scott M." wrote:
>
> > If you intend to read/write cookies from the server-side, then this is the
> > price you pay. You certainly can do it client-side or capture the local > > time client-side and send it to the server as a hidden form field.
Either
> > way, cookie expirations are not set absolutely, they are set based on a > > timespan.
> >
> >
> >
> >
> > "Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message > > news:D0**********************************@microsof t.com...
> > > Thanks Scott, I'm familiar with the syntax, but suppose that your
server
> > runs at US and the client at Siberia, so when the cookie will reach the > > recipient his browser will simply discard it.
> > >
> > > Oleg
> > >
> > > "Scott M." wrote:
> > >
> > > > Here you go Oleg:
> > > >
> > > > Example
> > > > The following example sets the expiration time of the cookie to 10 > > minutes
> > > > from the current time.
> > > >
> > > > [Visual Basic]
> > > > Dim dt As DateTime = DateTime.Now()
> > > > Dim ts As New TimeSpan(0,0,10,0)
> > > >
> > > >
> > > > "Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in
message
> > > > news:8A**********************************@microsof t.com...
> > > > > Actually my application involves Java Applet tah's embedded at one of
> > > > ASPXs, so it could supply the local time... But I'm still wondering how
> > > > other people handle this issue without java script.
> > > > >
> > > > > Oleg
> > > > >
> > > > >
> > > > > "S. Justin Gengo" wrote:
> > > > >
> > > > > > Yes,
> > > > > >
> > > > > > If you're able to get a value back from the client you could
trust
> > that
> > > > you
> > > > > > would know exactly when the cookie would expire.
> > > > > >
> > > > > > Of course this solution counts on the client having javascript > > enabled.
> > > > > >
> > > > > > --
> > > > > > Sincerely,
> > > > > >
> > > > > > S. Justin Gengo, MCP
> > > > > > Web Developer / Programmer
> > > > > >
> > > > > > www.aboutfortunate.com
> > > > > >
> > > > > > "Out of chaos comes order."
> > > > > > Nietzsche
> > > > > > "Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in > > message
> > > > > > news:EA**********************************@microsof t.com...
> > > > > > > Justin,
> > > > > > >
> > > > > > > do u mean that cookie expiration time is an absolute value ? > > > > > > >
> > > > > > > Oleg
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > "S. Justin Gengo" wrote:
> > > > > > >
> > > > > > > > Oleg,
> > > > > > > >
> > > > > > > > You could use a javascript to enter the client's time into a > > hidden
> > > > form
> > > > > > > > field.
> > > > > > > >
> > > > > > > > Of course this information would then have to be posted back > > before
> > > > > > setting
> > > > > > > > the cookie...
> > > > > > > >
> > > > > > > > Something like this:
> > > > > > > >
> > > > > > > > <script language="Javascript">
> > > > > > > > <!--
> > > > > > > > document.Form1.myHiddenField.value = new Date()
> > > > > > > > //-->
> > > > > > > > </script>
> > > > > > > >
> > > > > > > > --
> > > > > > > > Sincerely,
> > > > > > > >
> > > > > > > > S. Justin Gengo, MCP
> > > > > > > > Web Developer / Programmer
> > > > > > > >
> > > > > > > > www.aboutfortunate.com
> > > > > > > >
> > > > > > > > "Out of chaos comes order."
> > > > > > > > Nietzsche
> > > > > > > > "Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in
> > > > message
> > > > > > > > news:91**********************************@microsof t.com... > > > > > > > > > Hi,
> > > > > > > > >
> > > > > > > > > (newbie question)
> > > > > > > > >
> > > > > > > > > I've created some simple .NET ASP application that should > > store
> > > > > > cookies at
> > > > > > > > the client machine.
> > > > > > > > >
> > > > > > > > > According to the documentation cookie expiration time is set
> > via
> > > > > > > > HttpCookie.Expires property, but property value is the time of
> > day
> > > > on
> > > > > > the
> > > > > > > > client.
> > > > > > > > >
> > > > > > > > > How can I possibly know client local time ?
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > Thanks in advance !!!
> > > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > >
> > > >
> > > >
> >
> >
> >


Nov 18 '05 #15

P: n/a
Have you looked at: Now.ToUniversalTime.AddMinutes(nn)? This may solve
your problem.

If I may make a recommendation though, you could avoid all of this if use
Sessions with a short timeout value.

Good luck!

"Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message
news:66**********************************@microsof t.com...
Scott,

our application is some kind of single signon service, so the cookies we use should have pretty short lifetime in order to let the user to enter some
protected content at any point all over the world and then to expire. I'm
talking "in seconds or minutes", so GMT time difference is pretty critical.
My approach was in relative time terms until some suspicions had waken up :-)
Tnanks for all !!!

"Scott M." wrote:
Oleg, again, you are getting too hung up on the words and not seeing the big picture. It may be built into the expires property to treat the date
entered as GMT, but (again) 30 days from now can be expressed as GMT just as well as 12/31/05 can. The expires property requires a date value, period. That date value *can* be absolute, but it would make no practical sense to do this (unless your site was going out of business on a particular date!).
Don't worry about GMT. Why does it matter? If I come to your site and you place a cookie on my machine that is set to expire at: Now.AddDays(30), the cookie will be valid for the next 30 days (from the server's clock). Sure, you may have a few hours of difference depending on where the clients are actually located (and, while I haven't used it, you might try:
Now.ToUniversalTime.AddDays(nn), rather than just Now.AddDays(nn)).

Think about this, if we set our expires property to absolute expirations, then no matter how often a user might visit our site, their cookie *will* become invalid on a particular date, even though the user might have been using the site just the day before. And then, we (the developer) would have to get into the habit of changing our code after each time that the
expiration date had passed (not very practical).

Trust me, sliding expirations are how it is done. You are just getting a bit hung up on the verbiage of the documentation.

"Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message
news:B4**********************************@microsof t.com...
Quotation from some other MS article:
"The expiration date is set by using the format expires=<date>, where

<date> is the expiration date in Greenwich Mean Time (GMT)."

I think this is the key: all communication participants (the server and
the clients) handle the time of one and the only one time zone (GMT).

So the only question is if .NET converts the server local time value
to GMT by adding/subtracting the difference beetwen GMT and the server location or I should handle this by myself ?

Oleg

"Scott M." wrote:

> The definition you gave is correct, you do specify a time that the

cookie
> will expires on the client. You just don't set it absolutely that's

all.
> 30 days from today produces a time just as well as 12/31/05 does.
>
> The code I gave you comes directly from the MSDN help on the Expires
> property of the HttpCookie class.
>
> Sliding expirations have always been the way cookies have worked.

Imagine
> setting an absolute date/time and having a new user come to the page
5 > seconds before that time!
>
>
> "Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in message > news:53**********************************@microsof t.com...
> > Scott,
> >
> > I'm still curious who's right: you or MS documentation :-) The
> documentation for HttpCookie.Expires Property says "The time of day (on the
> client) at which the cookie expires." - sounds like an absolute
value... > > On other hand maybe some lower .NET level translates this absolute

value
> to time span (but still it should know the local time) or the browser does
> the translation ? Or maybe according to the cookie standard this
value is
> always relative ?
> >
> > Oleg
> >
> >
> >
> > "Scott M." wrote:
> >
> > > If you intend to read/write cookies from the server-side, then
this is
> the
> > > price you pay. You certainly can do it client-side or capture
the local
> > > time client-side and send it to the server as a hidden form
field. > Either
> > > way, cookie expirations are not set absolutely, they are set based on a
> > > timespan.
> > >
> > >
> > >
> > >
> > > "Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in

message
> > > news:D0**********************************@microsof t.com...
> > > > Thanks Scott, I'm familiar with the syntax, but suppose that
your > server
> > > runs at US and the client at Siberia, so when the cookie will reach the
> > > recipient his browser will simply discard it.
> > > >
> > > > Oleg
> > > >
> > > > "Scott M." wrote:
> > > >
> > > > > Here you go Oleg:
> > > > >
> > > > > Example
> > > > > The following example sets the expiration time of the cookie
to 10
> > > minutes
> > > > > from the current time.
> > > > >
> > > > > [Visual Basic]
> > > > > Dim dt As DateTime = DateTime.Now()
> > > > > Dim ts As New TimeSpan(0,0,10,0)
> > > > >
> > > > >
> > > > > "Oleg Leikin" <Ol********@discussions.microsoft.com> wrote
in > message
> > > > > news:8A**********************************@microsof t.com...
> > > > > > Actually my application involves Java Applet tah's embedded at one
> of
> > > > > ASPXs, so it could supply the local time... But I'm still

wondering
> how
> > > > > other people handle this issue without java script.
> > > > > >
> > > > > > Oleg
> > > > > >
> > > > > >
> > > > > > "S. Justin Gengo" wrote:
> > > > > >
> > > > > > > Yes,
> > > > > > >
> > > > > > > If you're able to get a value back from the client you
could > trust
> > > that
> > > > > you
> > > > > > > would know exactly when the cookie would expire.
> > > > > > >
> > > > > > > Of course this solution counts on the client having

javascript
> > > enabled.
> > > > > > >
> > > > > > > --
> > > > > > > Sincerely,
> > > > > > >
> > > > > > > S. Justin Gengo, MCP
> > > > > > > Web Developer / Programmer
> > > > > > >
> > > > > > > www.aboutfortunate.com
> > > > > > >
> > > > > > > "Out of chaos comes order."
> > > > > > > Nietzsche
> > > > > > > "Oleg Leikin" <Ol********@discussions.microsoft.com> wrote in
> > > message
> > > > > > >
news:EA**********************************@microsof t.com... > > > > > > > > Justin,
> > > > > > > >
> > > > > > > > do u mean that cookie expiration time is an absolute

value ?
> > > > > > > >
> > > > > > > > Oleg
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > "S. Justin Gengo" wrote:
> > > > > > > >
> > > > > > > > > Oleg,
> > > > > > > > >
> > > > > > > > > You could use a javascript to enter the client's
time into a
> > > hidden
> > > > > form
> > > > > > > > > field.
> > > > > > > > >
> > > > > > > > > Of course this information would then have to be
posted back
> > > before
> > > > > > > setting
> > > > > > > > > the cookie...
> > > > > > > > >
> > > > > > > > > Something like this:
> > > > > > > > >
> > > > > > > > > <script language="Javascript">
> > > > > > > > > <!--
> > > > > > > > > document.Form1.myHiddenField.value = new Date()
> > > > > > > > > //-->
> > > > > > > > > </script>
> > > > > > > > >
> > > > > > > > > --
> > > > > > > > > Sincerely,
> > > > > > > > >
> > > > > > > > > S. Justin Gengo, MCP
> > > > > > > > > Web Developer / Programmer
> > > > > > > > >
> > > > > > > > > www.aboutfortunate.com
> > > > > > > > >
> > > > > > > > > "Out of chaos comes order."
> > > > > > > > > Nietzsche
> > > > > > > > > "Oleg Leikin" <Ol********@discussions.microsoft.com>

wrote
> in
> > > > > message
> > > > > > > > >

news:91**********************************@microsof t.com...
> > > > > > > > > > Hi,
> > > > > > > > > >
> > > > > > > > > > (newbie question)
> > > > > > > > > >
> > > > > > > > > > I've created some simple .NET ASP application that

should
> > > store
> > > > > > > cookies at
> > > > > > > > > the client machine.
> > > > > > > > > >
> > > > > > > > > > According to the documentation cookie expiration
time is
> set
> > > via
> > > > > > > > > HttpCookie.Expires property, but property value is
the time
> of
> > > day
> > > > > on
> > > > > > > the
> > > > > > > > > client.
> > > > > > > > > >
> > > > > > > > > > How can I possibly know client local time ?
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > Thanks in advance !!!
> > > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > >
> > > > >
> > > > >
> > >
> > >
> > >
>
>
>


Nov 18 '05 #16

This discussion thread is closed

Replies have been disabled for this discussion.