Remove the cookies when deleting a session or clearing the session data

joerussbowman / gaeutilities

gaeutilities - A collection of utilities to help with application development on Google Appengine

http://gaeutilities.appspot.com

BSD 3-Clause "New" or "Revised" License

78 stars 4 forks source link

Remove the cookies when deleting a session or clearing the session data #18

Closed e2jk closed 14 years ago

e2jk commented 14 years ago

When deleting a session, the cookies are set to empty values, however they remain in the user's browser, which will then send those cookies even if there's no session added to it. In the same line, if you clear() a session, the "*_data" cookie is still laying around (with the value of "{}").

The second commit on my fork addresses this problem, setting the "expires" to 0 to effectively delete the cookie(s) when not needed anymore.

e2jk commented 14 years ago

Thanks for pulling in my changes. Closing this issue.