There is a problem with your current approach to setting the Response Cookie.
By using Response.Cookies after setting the header using Set-Cookie you are in effect creating a new empty cookie called "TestCookie". Instead, you want to incorporate the expiry into the existing Set-Cookie header.
Testing your code, this is the Response header contents:
<%
Function FormatCookieDateTime(interval, value, tz)
Dim dt: dt = DateAdd(interval, value, Date())
Dim tm: tm = Time()
Dim result: result = WeekDayName(WeekDay(dt), True) & ", " & _
Right("00" & Day(dt), 2) & "-" & _
MonthName(Month(dt), True) & "-" & _
Year(dt) & " " & _
Right("00" & Hour(Time()), 2) & ":" & _
Right("00" & Minute(Time()), 2) & ":" & _
Right("00" & Second(Time()), 2) & " " & tz
FormatCookieDateTime = result
End Function
Response.AddHeader "Set-Cookie", "TestCookie=This is a Test; path=/; SameSite=None; Secure; expires=" & FormatCookieDateTime("d", 1, "GMT")
%>
Built a function that makes setting the expiry using the correct format easier.
Remember Secure is for Secure Connections
Because you are setting two cookies (one via AddHeader() and one via Response.Cookie) it might not be clear but the first cookie with Secure set will be ignored by chrome if the connection is not using HTTPS. In fact, if you look at the request in Chrome Dev Tools you should see a warning symbol next to the Set-Cookie header that says (when hovered over) something along the lines of;
This set-cookie had the "Secure" attribute but was not received over a secure connection.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
