Response.AddHeader "Set-Cookie" Expires Date


I'm having difficulty setting an expiry date on a cookie, using the code below, the cookie is always created with expiry date being 'Session'

Response.AddHeader "Set-Cookie", "Authentication=" & HashValue & "; expires=" & dateAdd("d", 365, Now()) & "; path=/; HttpOnly"

Open in new window

What am i missing?

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Dave BaldwinFixer of ProblemsCommented:
Try 'Response.Cookies' instead of 'Response.AddHeader'.  More info here:
garethtnashAuthor Commented:
Hi Dave,

The only thing is that then I can't set HTTPOnly?

Dave BaldwinFixer of ProblemsCommented:
I just found out that 'dateAdd' creates the date in the wrong format for a cookie.  The cookie date format looks like this:
expires=Sat, 03 May 2025 17:44:22 GMT
expires=Sat, 03 May 2025 5:44:22 AM
expires=Sat, 03 May 2025 5:44:22 PM

Open in new window

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Build an E-Commerce Site with Angular 5

Learn how to build an E-Commerce site with Angular 5, a JavaScript framework used by developers to build web, desktop, and mobile applications.

garethtnashAuthor Commented:
Thanks for highlighting this Dave, are there any existing vbscript functions, to format the date in the required format?

Dave BaldwinFixer of ProblemsCommented:
I don't know at the moment except that there must be.  This isn't something new.
Dave BaldwinFixer of ProblemsCommented:
Here is a demo page with a lot of variations including your code which works fine here.  Remember you can only read the cookie the Second time you load the page, not the first time.
Response.Cookies("firstname")="Alex J Brown"
Response.Cookies("firstname").Expires=#Nov 12,2017#

Cexpires = dateAdd("d", 365, Now())
Response.AddHeader "Set-Cookie", "YourCookieName=HTTPCookieValue; path=/; HttpOnly;"
Response.AddHeader "Set-Cookie", "Authentication=SomeHTTPValue; expires=" & dateAdd("d", 365, Now()) & "; path=/; HttpOnly"

<!DOCTYPE html>

response.write("Firstname = " & fname & "<br>" & "<br>")

response.write(CStr("300000") & "<br>")
response.write(CStr(#10-05-25#) & "<br>")
response.write(CStr(Now) & "<br>")

<p><b>ASP/VBscript response</b></p>
dim x,y
for each x in Request.Cookies
  if Request.Cookies(x).HasKeys then
    for each y in Request.Cookies(x)
      response.write(x & ":" & y & "=" & Request.Cookies(x)(y))
    Response.Write(x & "=" & Request.Cookies(x) & "<br>")
  end if
  response.write "</p>"
<p><b>Javascript Response</b></p>
<script type="text/javascript">
function listCookies() {
    var theCookies = document.cookie.split(';');
    var aString = '';
    for (var i = 1 ; i <= theCookies.length; i++) {
        aString += '<br>' + i + ' ' + theCookies[i-1] + "\n";
    return aString;

myCookies = listCookies();
// -->

Open in new window

garethtnashAuthor Commented:
Hi Dave - apologies for the delayed response - this is great thank you
Dave BaldwinFixer of ProblemsCommented:
You're welcome.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VB Script

From novice to tech pro — start learning today.