Session cookie cannot be configured with Session storage duration.

SessionConfig does not allow configuration of the session cookie to expire when the browser tab is closed. Instead, a Max-Age needs to be specified in SessionConfig.idle which is then converted into an Expiry date.

It might be desirable to expose the HTTPCookie.Expiration type instead of just allowing Max-Age cookies to allow more flexible cookie configurations. Session cookies that get removed on tab close cannot be emulated with the existing mechanism (HTTPCookie.Expiration.session would be required).