This has been an interesting bug to fix, since it only happened remotely. So enjoy this summary that I totally didn't copy from the chat with Angelo to explain it:
Cookies are stored per domain, subdomain even.
The current domain has to match the domain it is saved with to be able to be read, but also to be removed.
Especially when you remove a cookie, you have to specify the domain it was saved with.
So, usually that would be window.location.hostname
But in our case they got saved without specifying a domain.
So the domain defaults to something like that, but not entirely? I don't really know, but that's why it worked locally but not remotely.
This has been an interesting bug to fix, since it only happened remotely. So enjoy this summary
that I totally didn't copy from the chat with Angelo to explain it:window.location.hostnameReferencing issues Closes #193