How do I delete a session cookie?

[tanderso]

Setting a cookie with an expiration date makes it a persistent cookie saved to the HD. Setting a cookie with no expiration date makes it a session cookie, only lasting until the browser is closed. The former type are easily deleted by overwriting the cookie with a new expiration date earlier than the current date. This technique does not appear to work (or at least not consistently) on session cookies. After searching the web in vain, I cannot seem to come up with a way to clear session cookies other than closing all open browser windows. I need to set and delete cookies depending on actions within the window. Can this be done with session cookies, or must I only use persistent cookies for this?

Sincerely,

Tom Anderson
Order amid Chaos, Inc.

http://www.oac-design.com

 

[jemminger]

how about setting the cookie's value to an empty string?


=========================================================
-jeff

http://www.jeffemminger.com

try { succeed(); } catch(E) { tryAgain(); }

 

[BillyRayPreachersSon]

Damn... Beat me to it ;o)

Dan

 

[tanderso]

Fair enough, the cookie will evaluate false. However, this is a work-around rather than an answer. Is there a way to actually delete the cookie? I would like deleteCookie("COOKIE&quot to remove the cookie. However, since my deleteCookie function works by assigning an expiration date, it seems as though it doesn't even change the content of the cookie unless I leave the expiration date off. My deleteCookie function would have to set the cookie twice, once to a null string with no expiration date, and then again with an expiration date. This seems convoluted to me, especially since it will actually create an extra cookie where one didn't exist before if I only had a persistent cookie. Moreover, does this effect the 20 cookie/server limit? The alternative is to create two deleteCookie functions, or pass in a parameter, but this requires that my code now distinguish between session cookies and persistent cookies throughout... what a pain in the ass.

I searched the web for a comprehensive description of how cookies work, particularly in javascript, but came up empty. It seems that nobody has a well-formed idea of exactly how cookies work!

Sincerely,

Tom Anderson
Order amid Chaos, Inc.

http://www.oac-design.com

 

[philote]

I found this:
The expires header lets the client know when it is safe to purge the mapping but the client is not required to do so. A client may also delete a cookie before it's expiration date arrives if the number of cookies exceeds its internal limits.
on

http://wp.netscape.com/newsref/std/cookie_spec.html

And from other places I read that cookies don't usually get deleted until the browsing session has ended.

How about just setting all cookies' values to "" in your delete function? And are you sure you can't set the expiration and the cookie's value at the same time? When you send a cookie to the client with the same path and name as an existing cookie, it should overwrite the existing one.

 

[tanderso]

Philote,

Thanks for your response. It is certainly possible to set the expiration date and the value at the same time, but only on persistent cookies. Every time I try to set a value and expiration on a session cookie, the value remains unchanged.

It seems the solution is either only use persistent cookies, or else use two seperate delete functions.

Sincerely,

Tom Anderson
Order amid Chaos, Inc.

http://www.oac-design.com