
Django does not delete cookie

Tags:

cookies

django

I have a site running Django 1.6 using a custom authentication backend (CoSign). Authentication works, but to log out I need to delete a cookie.

This is the cookie before logging out, using Firebug:

  • Name: cookie_name
  • Domain: cookie_domain
  • Path: /
  • Expires: Session
  • Security: Secure

Here is my logout view:

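from django.contrib import messages
from django.contrib.auth.views import logout as django_logout
from django.core.urlresolvers import reverse  # location of reverse() in Django 1.6
from django.http import HttpResponseRedirect

def logout(request):
    if request.user.is_authenticated():
        # End the Django session and redirect to the confirmation page
        response = django_logout(request,
                                 next_page=reverse("logout-confirmation"))
        # Ask the browser to drop the CoSign cookie
        response.delete_cookie('cookie_name',
                               domain="cookie_domain")
        return response
    else:
        messages.add_message(request,
                             messages.ERROR,
                             "You can't log out if you aren't logged "
                             "in first!")
        return HttpResponseRedirect(reverse("frontpage"))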

cookie_name and cookie_domain in my code match the actual name and domain of the cookie.

Here are the response headers of the logout view:

Connection: "close"
Content-Length: "0"
Set-Cookie: "{{ cookie_name }}=; Domain={{ cookie_domain }}; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/sessionid=25lysb3tzhozv464mrgg08uqz100ur39; expires=Mon, 15-Sep-2014 19:07:22 GMT; httponly; Max-Age=1209600; Path=/"
Vary: "Cookie"

After going to my logout view, however, the cookie still exists! Can anyone shed some light on why this happens?

asked Sep 01 '14 18:09

tao_oat


1 Answer

I fixed this by using set_cookie() with a manually entered expiry date, rather than delete_cookie(). Additionally, if I set the domain in Django, it prefixed a period which meant that it didn't match the existing cookie. I didn't enter a domain and it used the default, which worked.

answered Sep 27 '22 17:09

tao_oat
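The mismatch described in the answer can be reproduced offline. The following is an added example, not part of the original post: it builds the expiring Set-Cookie header with the standard library and applies it to a simplified model of a browser cookie store. The host name, the cookie value and the store model (host-only cookies filed under the exact host, Domain cookies under a dot-prefixed domain) are assumptions made for illustration.

```python
from http.cookies import SimpleCookie

EPOCH = "Thu, 01 Jan 1970 00:00:00 GMT"

def expiring_header(name, path="/", domain=None):
    """Set-Cookie value that expires `name` (empty value, past date, Max-Age=0)."""
    jar = SimpleCookie()
    jar[name] = ""
    jar[name]["path"] = path
    jar[name]["expires"] = EPOCH
    jar[name]["max-age"] = 0
    if domain:
        jar[name]["domain"] = domain
    return jar[name].OutputString()

def store_key(request_host, header):
    """Key the cookie is filed under in this simplified model (assumption):
    host-only cookies use the exact host, Domain cookies a dot-prefixed domain."""
    parsed = SimpleCookie()
    parsed.load(header)
    name, morsel = next(iter(parsed.items()))
    domain = morsel["domain"]
    scope = "." + domain.lstrip(".") if domain else request_host
    return (name, scope, morsel["path"] or "/"), morsel

def apply_set_cookie(browser, request_host, header):
    """Apply one Set-Cookie header to the model store; Max-Age=0 removes a match."""
    key, morsel = store_key(request_host, header)
    if str(morsel["max-age"]) == "0":
        browser.pop(key, None)  # only a cookie with an identical key is removed
    else:
        browser[key] = morsel.value
    return browser

def survives_logout(host, login_header, logout_header):
    """True if the login cookie is still in the store after the logout header."""
    browser = apply_set_cookie({}, host, login_header)
    return bool(apply_set_cookie(browser, host, logout_header))

HOST = "app.example.test"                     # constructed host name
LOGIN = "cookie_name=abc123; Path=/; Secure"  # constructed host-only cookie

if __name__ == "__main__":
    for domain in (HOST, None):
        hdr = expiring_header("cookie_name", domain=domain)
        print(hdr, "-> cookie survives:", survives_logout(HOST, LOGIN, hdr))
```

A session cookie that outlives logout keeps the authenticated session usable from that browser, so it is worth confirming in the browser's cookie view that the cookie is actually gone after the logout response.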