Added logic to skip the Expires value if Max-Age is set to -1 in cookies. Based on the feedback on #51

Author: sapessi

aws-serverless-java-container-core/src/main/java/com/amazonaws/serverless/proxy/internal/servlet/AwsHttpServletResponse.java

@@ -98,13 +98,15 @@ public void addCookie(Cookie cookie) {
         }
         cookieData += "; Max-Age=" + cookie.getMaxAge();
 
-        // we always set the timezone to GMT
-        TimeZone gmtTimeZone = TimeZone.getTimeZone(COOKIE_DEFAULT_TIME_ZONE);
-        Calendar currentTimestamp = Calendar.getInstance(gmtTimeZone);
-        currentTimestamp.add(Calendar.SECOND, cookie.getMaxAge());
-        SimpleDateFormat cookieDateFormatter = new SimpleDateFormat(HEADER_DATE_PATTERN);
-        cookieDateFormatter.setTimeZone(gmtTimeZone);
-        cookieData += "; Expires=" + cookieDateFormatter.format(currentTimestamp.getTime());
+        if (cookie.getMaxAge() > 0) {
+            // we always set the timezone to GMT
+            TimeZone gmtTimeZone = TimeZone.getTimeZone(COOKIE_DEFAULT_TIME_ZONE);
+            Calendar currentTimestamp = Calendar.getInstance(gmtTimeZone);
+            currentTimestamp.add(Calendar.SECOND, cookie.getMaxAge());
+            SimpleDateFormat cookieDateFormatter = new SimpleDateFormat(HEADER_DATE_PATTERN);
+            cookieDateFormatter.setTimeZone(gmtTimeZone);
+            cookieData += "; Expires=" + cookieDateFormatter.format(currentTimestamp.getTime());
+        }
 
         setHeader(HttpHeaders.SET_COOKIE, cookieData, false);
     }

aws-serverless-java-container-core/src/test/java/com/amazonaws/serverless/proxy/internal/servlet/AwsHttpServletResponseTest.java

@@ -128,6 +128,17 @@ public void cookie_addCookie_positiveMaxAgeExpiresDate() {
         assertEquals(dateFormat.format(testExpiration.getTime()), dateFormat.format(expiration.getTime()));
     }
 
+    @Test
+    public void cookie_addCookieWithoutMaxAge_expectNoExpires() {
+        AwsHttpServletResponse resp = new AwsHttpServletResponse(null, null);
+        Cookie simpleCookie = new Cookie(COOKIE_NAME, COOKIE_VALUE);
+        resp.addCookie(simpleCookie);
+
+        String cookieHeader = resp.getHeader(HttpHeaders.SET_COOKIE);
+        assertNotNull(cookieHeader);
+        assertFalse(cookieHeader.contains("Expires"));
+    }
+
     private int getMaxAge(String header) {
         Matcher ageMatcher = MAX_AGE_PATTERN.matcher(header);
         assertTrue(ageMatcher.find());

aws-serverless-java-container-spark/src/test/java/com/amazonaws/serverless/proxy/spark/HelloWorldSparkTest.java

@@ -75,7 +75,7 @@ public void multiCookie_setCookieOnResponse_singleHeaderWithMultipleValues() {
         assertEquals(200, response.getStatusCode());
         assertTrue(response.getHeaders().containsKey(HttpHeaders.SET_COOKIE));
         // we compare against 4 because the expiration date of the cookies will also contain a string
-        assertEquals(4, response.getHeaders().get(HttpHeaders.SET_COOKIE).split(",").length);
+        assertEquals(2, response.getHeaders().get(HttpHeaders.SET_COOKIE).split(",").length);
         assertTrue(response.getHeaders().get(HttpHeaders.SET_COOKIE).contains(COOKIE_NAME + "=" + COOKIE_VALUE));
         assertTrue(response.getHeaders().get(HttpHeaders.SET_COOKIE).contains(COOKIE_NAME + "2=" + COOKIE_VALUE + "2"));
         assertTrue(response.getHeaders().get(HttpHeaders.SET_COOKIE).contains(COOKIE_DOMAIN));