Delete cookie by name?

javascript cookies

How can I delete a specific cookie with the name roundcube_sessauth?

Shouldn't the following:

function del_cookie(name) {
    document.cookie = 'roundcube_sessauth' + 
    '=; expires=Thu, 01-Jan-70 00:00:01 GMT;';
}

And then:

<a href="javascript:del_cookie(name);">KILL</a>

Kill the roundcube_sessauth cookie?


Solution 1:

You should define the path on which the cookie exists to ensure that you are deleting the correct cookie.

function set_cookie(name, value) {
  document.cookie = name +'='+ value +'; Path=/;';
}
function delete_cookie(name) {
  document.cookie = name +'=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT;';
}

If you don't specify the path, the browser will set a cookie relative to the page you are currently on, so if you delete the cookie while on a different page, the other cookie continues its existence.

Edit based on @Evan Morrison's comment.
Be aware that in some cases to identify the correct cookie, the Domain parameter is required.
Usually it's defined as Domain=.yourdomain.com.
Placing a dot in front of your domain name means that this cookie may exist on any sub-domain (www also counts as sub-domain).

Also, as mentioned in @RobertT's answer, HttpOnly cookies cannot be deleted with JavaScript on the client side.

Solution 2:

In order to delete a cookie set the expires date to something in the past. A function that does this would be.

var delete_cookie = function(name) {
    document.cookie = name + '=;expires=Thu, 01 Jan 1970 00:00:01 GMT;';
};

Then to delete a cookie named roundcube_sessauth just do.

delete_cookie('roundcube_sessauth');

Solution 3:

//if passed exMins=0 it will delete as soon as it creates it.

function setCookie(cname, cvalue, exMins) {
    var d = new Date();
    d.setTime(d.getTime() + (exMins*60*1000));
    var expires = "expires="+d.toUTCString();  
    document.cookie = cname + "=" + cvalue + ";" + expires + ";path=/";
}

setCookie('cookieNameToDelete','',0) // this will delete the cookie.

Solution 4:

I'm not really sure if that was the situation with Roundcube version from May '12, but for current one the answer is that you can't delete roundcube_sessauth cookie from JavaScript, as it is marked as HttpOnly. And this means it's not accessible from JS client side code and can be removed only by server side script or by direct user action (via some browser mechanics like integrated debugger or some plugin).

Related

How to initialise a string from NSData in Swift
How to fix WPF error: "Program does not contain a static 'Main' method suitable for an entry point"?
android TextView: setting the background color dynamically doesn't work
How to view corresponding SQL query of the Django ORM's queryset?
PHP error: "The zip extension and unzip command are both missing, skipping."
View differences of branches with meld?
Example using Hyperlink in WPF
How can I completely uninstall nodejs, npm and node in Ubuntu [closed]
How to use bootstrap-theme.css with bootstrap 3?
Can I Format/Erase This Disk?
Cut and paste in Finder copies to wrong folder
Can I write Latex in Notes?