[System.Web] Fixes 50 year form authentication
author gttds <ollie.yeoh@gmail.com>
Thu, 16 Jun 2016 15:46:21 +0000 (23:46 +0800)
committer GitHub <noreply@github.com>
Thu, 16 Jun 2016 15:46:21 +0000 (23:46 +0800)
commit b499a3e00b014f6333eb46e77269a00bdf260f8c
tree 7f148cbeaf4f3be394727430842bcae7b7f80555
parent f8977a0f6ca99043445529e6bdce010432972058
[System.Web] Fixes 50 year form authentication

This fixes the bug where form authentication tickets do not expire until 50 years later.
I bumped into this bug after upgrading mono from 4.2.2 to 4.4.0.

Firstly, the authentication ticket's expiry must always be equal to the timeout attribute on the <forms/> element. It doesn't matter whether persistent or session cookies are used.

Secondly, if the cookie is persistent, then its expiry should be set to the same as that of the authentication ticket.

Reference: https://blogs.msdn.microsoft.com/dansellers/2006/02/15/change-to-asp-net-2-0-forms-authentication-persistent-cookies/
mcs/class/System.Web/System.Web.Security/FormsAuthentication.cs
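
The two rules from the commit message, written out as an added example against the public System.Web.Security API; this is not the code of the commit or of Mono's FormsAuthentication.cs. The class `AuthTicketIssuer` and its two methods are hypothetical names, and the one-second tolerance in the check is an assumption.

```csharp
using System;
using System.Web;
using System.Web.Security;

// Hypothetical helper, not part of Mono or ASP.NET.
public static class AuthTicketIssuer
{
    // Builds the forms-authentication cookie for a signed-in user.
    public static HttpCookie Issue(string userName, bool persistent)
    {
        DateTime now = DateTime.Now;

        // Rule 1: the ticket always expires after the <forms timeout="..."/>
        // value, whether the cookie is persistent or a session cookie.
        DateTime expires = now.Add(FormsAuthentication.Timeout);

        var ticket = new FormsAuthenticationTicket(
            1, userName, now, expires, persistent,
            string.Empty, FormsAuthentication.FormsCookiePath);

        var cookie = new HttpCookie(FormsAuthentication.FormsCookieName,
                                    FormsAuthentication.Encrypt(ticket))
        {
            HttpOnly = true,
            Secure = FormsAuthentication.RequireSSL,
            Path = FormsAuthentication.FormsCookiePath
        };

        // Rule 2: a persistent cookie expires together with the ticket.
        // A session cookie keeps Expires unset and ends with the browser session.
        if (persistent)
            cookie.Expires = ticket.Expiration;

        return cookie;
    }

    // Server-side check for a decrypted ticket: it must be unexpired and its
    // lifetime must not exceed the configured timeout. A ticket valid for
    // 50 years fails this check. The 1 s tolerance is an assumption.
    public static bool HasExpectedLifetime(FormsAuthenticationTicket ticket)
    {
        TimeSpan lifetime = ticket.Expiration - ticket.IssueDate;
        TimeSpan limit = FormsAuthentication.Timeout + TimeSpan.FromSeconds(1);
        return !ticket.Expired && lifetime <= limit;
    }
}
```

After an upgrade such as the one described, running `HasExpectedLifetime` on the result of `FormsAuthentication.Decrypt` flags tickets that were issued with the over-long expiry and are still held by clients.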