Setting Max-Age=X on a cookie is completely ignored

[oalders]

Reported via email by Robert Mueller.

In this commit dacc2b7 the max-age parameter is explicitly singled out to not discard, but unfortunately it introduces a bug because now we skip the main action of:

                else {
                    push(@cur, $k => $v);
                }

Which means it never ends up in @set, and thus never ends up in %hash, which means:

        my $maxage    = delete $hash{'max-age'};

Is always undef.

So basically setting Max-Age=X on a cookie is completely ignored in the current HTTP::Cookies 6.1

Changing:

                elsif (!$first_param && lc($k) eq 'max-age') {
                    $expires++;
                }

To:

                elsif (!$first_param && lc($k) eq 'max-age') {
                    $expires++;
                    push(@cur, "Max-Age" => $v);
                }

Fixes it.

[wolfsage]

5 days ago. Nice. I just hit this

[oalders]

Oof. I just got the email about it shortly before the long weekend, so didn't take the time to create a patch and matching test. Was hoping some kind soul might pick this up. 😄

[wolfsage]

I wish but this week it ain't me! Short week and vacation next week. Sorry!

[oalders]

In that case, I hope you enjoy your time off! 🌴 🌊 🏄‍♂️