Can Cookies Truly Never Expire?

Understanding the Expirability of Cookies

Cookies are essential for storing information on a user's device, allowing websites to provide personalized experiences. However, the question arises: Can we set cookies to never expire?

Expiration Mechanisms

All cookies follow a defined lifespan, as set by the HTTP cookie specification. By default, session cookies expire when the browser closes, while persistent cookies can have expiration dates in the future.

Setting a Never-Expiring Cookie

Technically, it is not possible to completely prevent the expiration of cookies. However, we can achieve practical perpetual cookie existence by setting a far-future expiration date.

Ex: A Cookie with a 10-Year Expiration Date

To set a cookie that expires in approximately ten years:

setcookie(
  "CookieName",
  "CookieValue",
  time() + (10 * 365 * 24 * 60 * 60)
);

Browser Limitations

Note that in 32-bit PHP systems, setting an expiration date beyond 2038 may result in an instant expiration due to number wrap-around.

Web Browser Restrictions (Chrome Update)

As of Chrome release M104 (August 2022), the maximum expiration limit for cookies has been set at 400 days in the future. This limitation may be adopted by other browsers in the future, effectively limiting cookie persistence.

The above is the detailed content of Can Cookies Truly Never Expire?. For more information, please follow other related articles on the PHP Chinese website!