I want my cookie to disappear when the user closes their brower-- I've already set some promising looking properties, but my cookies pop back to live even after closing the entire browser.
HttpCookie cookie = new HttpCookie("mycookie", "abc");
cookie.HttpOnly = true; //Seems to only affect script access
cookie.Secure = true; //Seems to affect only https transport
What property or method call am I missing to achieve an in memory cookie?
The best way to handle non-persistent cookies timeout with the browser open is add a key value for timeout. The code below is used for a log in user id key value and encryption(not included) security for browser compatibility. I do not use forms authentication.
HttpCookie cookie = new HttpCookie(name);
cookie.Values["key1"] = value;
cookie.Values["key2"] = DateTime.Now.AddMinutes(70).ToString();
//timeout 70 minutes with browser open
cookie.Expires = DateTime.MinValue;
cookie.Domain = ConfigurationManager.AppSettings["website_domain"];
System.Web.HttpContext.Current.Response.Cookies.Add(cookie);
When checking the cookie key value use:
try
{
DateTime dateExpireDateTime;
dateExpireDateTime = DateTime.Parse(HttpContext.Current.Request.Cookies[name]["key2"]);
if (DateTime.Now > dateExpireDateTime)
{
//cookie key value timeout code
}
else
{
//reset cookie
}
catch
{
//clear cookie and redirect to log in page
}
I have found compatibility issues using forms authentication and Google Chrome.