How to delete cookie with HttpOnly using PHP or JS

I have a cookie with these parameters:

    Name: workgroup_session_id
    Content: ""
    Domain: agrobman1.tsi.lan
    Path: /
    Send for: Any kind of connection
    Accessible to script: No (HttpOnly)
    Created: Wednesday, November 4, 2015 at 9:31:58 AM
    Expires: When the browsing session ends

I have tried to delete the cookie using PHP using this code:

setcookie("workgroup_session_id", "\"\"", time() - 3600, "/", "agrobman1.tsi.lan", false, true); 

But I am still unable to delete it. Does anyone know how to delete a cookie of this type using PHP or JS?

anton2g asked Nov 04 '15 17:11


People also ask

Can JS remove a HttpOnly cookie?

By setting many cookies, an application can cause the browser to remove old cookies. This even works from JavaScript, and it also removes HttpOnly cookies. So by setting many cookies, it is possible for a script to remove HttpOnly cookies.

Can JavaScript access HttpOnly cookie?

An HttpOnly cookie cannot be accessed by client-side APIs, such as JavaScript. This restriction eliminates the threat of cookie theft via cross-site scripting (XSS). If the browser allowed you to access it then it would be a defect in the browser.

How do you delete a cookie in JavaScript?

Delete a Cookie with JavaScript. Just set the expires parameter to a past date:

    document.cookie = "username=; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/;";

You should define the cookie path to ensure that you delete the right cookie.


1 Answer

You cannot delete an HttpOnly cookie on the client side with JavaScript, as this post points out. It has to be done on the server side with Node.js.

Andrew answered Oct 17 '22 15:10
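
The server-side deletion the answer refers to, as an added example that is not part of the original question or answer: a simplified model of the browser's cookie store (after RFC 6265, section 5.3) showing that a script write cannot replace an HttpOnly cookie, while a Set-Cookie response header with the same name, domain and path and a past expiry removes it. The host name, the function names and the default path of `/` are assumptions made for the illustration.

```javascript
// Added example: simplified cookie-store model. A cookie's identity is (name, domain, path).

// Build the Set-Cookie header value a server sends to delete a cookie.
function expireCookieHeader(name, { path = "/", domain, secure = false } = {}) {
  const parts = [`${name}=`, "Expires=Thu, 01 Jan 1970 00:00:00 GMT", "Max-Age=0", `Path=${path}`];
  if (domain) parts.push(`Domain=${domain}`);
  if (secure) parts.push("Secure");
  parts.push("HttpOnly");
  return parts.join("; ");
}

// Parse a cookie string; Domain defaults to the request host, Path to "/" (simplification).
function parseSetCookie(str, requestHost) {
  const [pair, ...attrs] = str.split(";").map((s) => s.trim()).filter(Boolean);
  const eq = pair.indexOf("=");
  const c = { name: pair.slice(0, eq), value: pair.slice(eq + 1),
              domain: requestHost, path: "/", httpOnly: false, expired: false };
  for (const a of attrs) {
    const [k, v = ""] = a.split("=");
    const key = k.toLowerCase();
    if (key === "path") c.path = v;
    else if (key === "domain") c.domain = v.replace(/^\./, "").toLowerCase();
    else if (key === "httponly") c.httpOnly = true;
    else if (key === "max-age") c.expired = c.expired || Number(v) <= 0;
    else if (key === "expires") c.expired = c.expired || Date.parse(v) <= Date.now();
  }
  return c;
}

// Apply one cookie write to the jar. fromHttp=false models a document.cookie assignment.
function applyWrite(jar, str, { requestHost, fromHttp }) {
  const c = parseSetCookie(str, requestHost);
  if (!fromHttp && c.httpOnly) return "ignored: script cannot set HttpOnly";
  const i = jar.findIndex((o) => o.name === c.name && o.domain === c.domain && o.path === c.path);
  if (i >= 0 && jar[i].httpOnly && !fromHttp) return "ignored: existing cookie is HttpOnly";
  if (i >= 0) jar.splice(i, 1);               // a matching write always evicts the old cookie
  if (c.expired) return i >= 0 ? "deleted" : "no matching cookie";
  jar.push(c);
  return "stored";
}

function demo() {
  const jar = [], host = "app.example.test";  // constructed host name
  const name = "workgroup_session_id";
  applyWrite(jar, `${name}=abc; Path=/; HttpOnly`, { requestHost: host, fromHttp: true });
  const script = applyWrite(jar, `${name}=; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/`,
                            { requestHost: host, fromHttp: false });
  const wrongPath = applyWrite(jar, expireCookieHeader(name, { path: "/admin" }), { requestHost: host, fromHttp: true });
  const server = applyWrite(jar, expireCookieHeader(name), { requestHost: host, fromHttp: true });
  return { script, wrongPath, server, remaining: jar.length };
}
console.log(demo());
```

In PHP the same header is produced by calling setcookie() with an empty value and a past expiry before any output is sent, using the path and domain the cookie was originally set with.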