Apr-15-2022, 07:30 AM
Sessions aren't part of HTTP; they're layered on top by the application if it needs them (e.g. with cookies). As such, it's up to the backend what session management it has, how long you can keep the session alive, etc. Of course, if it's your backend, then you're in control and can implement whatever you like.