Extend expiration of user benefits cookies to 30 days #14810
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
tjmw
changed the title
7 tasks
tjmw
force-pushed
the
tw/extend-benefits-cookie-expiration
branch
from
933b667 to
b14c278
Compare
tjmw
added a commit
to guardian/support-frontend
that referenced
this pull request
Dec 2, 2025
The cookie which tracks when to refresh benefits cookies is reduced to 1 day, like everywhere else. This is part of a wider change to benefits cookie expiration to fix an issue where signed-in users with ad free benefits who didn't visit the site for time period would sometimes see ads on their first returning pageview. This change makes this less likely to happen by extending the expiration of user benefits cookies. This is due to a race condition between the user benefits refresh and the ads code. However, we don't want to delay ads until after the user benefits have been refreshed as that would impact performance. So instead, extend the expiry of the cookie. See also: guardian/frontend#28352 guardian/dotcom-rendering#14810 guardian/gateway#3285
Previouly they were short lived (1-2 days) but this resulted in edge cases where if a signed in user didn't visit the site for more than a couple of days, when they returned their first page view wouldn't reflect their benefits (i.e. they would see ads). This is due to a race condition between the user benefits refresh and the ads code. However, we don't want to delay ads until after the user benefits have been refreshed as that would impact performance. So instead, extend the expiry of the cookie. Note: this may result in a user getting benefits they no longer have on the first returning pageview, but this will be correct from the second page view onwards. We think this is OK. This also means we now remove cookies if the user benefits response says they no longer have the benefit, rather than simply letting the cookie expire.
tjmw
force-pushed
the
tw/extend-benefits-cookie-expiration
branch
from
b14c278 to
5179c55
Compare
|
Hello 👋! When you're ready to run Chromatic, please apply the You will need to reapply the label each time you want to run Chromatic. |
tjmw
added a commit
to guardian/frontend
that referenced
this pull request
Dec 8, 2025
Before this change signed-in users who didn't visit the site for > 2 days would sometimes see ads on their first returning pageview, even if they have a product which gives them ad free access. This change makes this less likely to happen by extending the expiration of user benefits cookies. This PR extends the expiration of all user benefits cookies to 30 days - GU_AF1, gu_allow_reject_all, gu_hide_support_messaging. Previously user benefits cookies were short lived (1-2 days) but this resulted in edge cases as described above. This is due to a race condition between the user benefits refresh and the ads code. However, we don't want to delay ads until after the user benefits have been refreshed as that would impact performance. So instead, extend the expiry of the cookie. Note: this may result in a user getting benefits they no longer have on the first returning pageview, but this will be correct from the second page view onwards. We think this is OK. This also means we now remove cookies if the user benefits response says they no longer have the benefit, rather than simply letting the cookie expire. See also guardian/dotcom-rendering#14810.
tjmw
added a commit
to guardian/support-frontend
that referenced
this pull request
Dec 8, 2025
Extend benefits cookie expiry to 30 days. The cookie which tracks when to refresh benefits cookies is reduced to 1 day, like everywhere else. This is part of a wider change to benefits cookie expiration to fix an issue where signed-in users with ad free benefits who didn't visit the site for > the length of the cookie expiration period would sometimes see ads on their first returning pageview. This change makes this less likely to happen by extending the expiration of user benefits cookies. This is due to a race condition between the user benefits refresh and the ads code. However, we don't want to delay ads until after the user benefits have been refreshed as that would impact performance. So instead, extend the expiry of the cookie. See also: guardian/frontend#28352 guardian/dotcom-rendering#14810 guardian/gateway#3285
tjmw
added a commit
to guardian/gateway
that referenced
this pull request
Dec 8, 2025
This PR extends the expiration of all user benefits cookies to 30 days - `GU_AF1`, `gu_allow_reject_all`, `gu_hide_support_messaging`. The cookie which tracks when the other cookies need refreshing (`gu_user_benefits_expiry`) continue to have an expiry of 1 day. Previously these cookies were short lived (1-2 days) but this resulted in edge cases where if a signed in user didn't visit the site for more than a couple of days, when they returned their first page view wouldn't reflect their benefits (i.e. they would see ads). This is due to a race condition between the user benefits refresh and the ads code. However, we don't want to delay ads until after the user benefits have been refreshed as that would impact performance. So instead, extend the expiry of the cookie. Note: this may result in a user getting benefits they no longer have on the first returning pageview, but this will be correct from the second page view onwards. We think this is OK. See also: guardian/frontend#28352 guardian/dotcom-rendering#14810 guardian/support-frontend#7559
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What does this change?
This PR extends the expiration of all user benefits cookies to 30 days -
GU_AF1,gu_allow_reject_all,gu_hide_support_messaging. Thegu_user_benefits_expirycookies continues to have an expiry of 1 day, so we'll recheck every day while the user is signed in.Why?
Previously they were short lived (1-2 days) but this resulted in edge cases where if a signed-in user didn't visit the site for more than a couple of days, when they returned their first page view wouldn't reflect their benefits (i.e. they would see ads). This is due to a race condition between the user benefits refresh and ads code. However, we don't want to delay ads until after the user benefits have been refreshed as that would impact performance. So instead, extend the expiration of the cookie.
Note: this may result in a user getting benefits they no longer have on the first returning pageview, but this will be correct from the second page view onwards. We think this is OK.
This also means we now remove cookies if the user benefits response says they no longer have the benefit, rather than simply letting the cookie expire.
Note: this logic also exists in frontend and gateway, so has been updated in both those repos too:
guardian/frontend#28352
guardian/gateway#3285