Treat Max-Age<=0 as immediate expiry (#805)

Align strict Max-Age parsing with RFC 6265 user-agent processing.
Non-positive delta-seconds now expire cookies immediately instead of being rejected as malformed.

Author: arturobernalg

httpclient5/src/main/java/org/apache/hc/client5/http/impl/cookie/BasicMaxAgeHandler.java

@@ -69,9 +69,10 @@ public void parse(final SetCookie cookie, final String value)
             throw new MalformedCookieException ("Invalid 'max-age' attribute: "
                     + value);
         }
-        if (age < 0) {
-            throw new MalformedCookieException ("Negative 'max-age' attribute: "
-                    + value);
+        if (age <= 0) {
+            // RFC 6265 user-agent processing: delta-seconds <= 0 means immediate expiry.
+            cookie.setExpiryDate(Instant.EPOCH);
+            return;
         }
         cookie.setExpiryDate(Instant.now().plusSeconds(age));
     }

httpclient5/src/test/java/org/apache/hc/client5/http/impl/cookie/TestBasicCookieAttribHandlers.java

@@ -270,6 +270,17 @@ void testBasicMaxAgeParse() throws Exception {
         Assertions.assertNotNull(cookie.getExpiryInstant());
     }
 
+    @Test
+    void testBasicMaxAgeParseDeleteNow() throws Exception {
+        final BasicClientCookie cookie = new BasicClientCookie("name", "value");
+        final CookieAttributeHandler h = BasicMaxAgeHandler.INSTANCE;
+        h.parse(cookie, "0");
+        Assertions.assertEquals(Instant.EPOCH, cookie.getExpiryInstant());
+        final BasicClientCookie cookie2 = new BasicClientCookie("name", "value");
+        h.parse(cookie2, "-1");
+        Assertions.assertEquals(Instant.EPOCH, cookie2.getExpiryInstant());
+    }
+
     @Test
     void testBasicMaxAgeParseInvalid() {
         final BasicClientCookie cookie = new BasicClientCookie("name", "value");