search

mdn / content

The content behind MDN Web Docs
https://developer.mozilla.org
Other
9.14k stars 22.46k forks source link

“Using HTTP cookies” needs a note on how to delete/unset a cookie #25324

Open quinncomendant opened 1 year ago

quinncomendant commented 1 year ago

MDN URL

https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies

What specific section or headline is this issue about?

The Set-Cookie and Cookie headers

What information was incorrect, unhelpful, or incomplete?

Section explains how to create a cookie, but not how to delete one.

What did you expect to see?

There's lots of articles on the web with different opinions about how to remove a cookie. I would like MDN to provide some authoritative guidance on the recommended way to immediately remove a cookie that was previously created.

Do you have any supporting links, references, or citations?

No response

Do you have anything more you want to share?

No response

MDN metadata

Page report details * Folder: `en-us/web/http/cookies` * MDN URL: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies * GitHub URL: https://github.com/mdn/content/blob/main/files/en-us/web/http/cookies/index.md * Last commit: https://github.com/mdn/content/commit/eb9eef29f1ccdaf1c8a464dbe4483c78f7a13b2a * Document last modified: 2023-03-03T04:45:34.000Z
Andrew-Cottrell commented 1 year ago

The section Define the lifetime of a cookie includes

Permanent cookies are deleted at a date specified by the Expires attribute, or after a period of time specified by the Max-Age attribute.

It seems clear that non-session cookie may be deleted by specifying either an Expires attribute or a Max-Age attribute that denotes a timestamp for a past moment. However, it is unclear here that session cookies may be deleted in the same manner.

It may be helpful here to include the following statement from the Notes section of the Document.cookie page

You can delete a cookie by updating its expiration time to zero.

And/or the following statements from the Attributes section of the Set-Cookie page

Max-Age: A zero or negative number will expire the cookie immediately.

Alternatively, the following statement

A cookie may be deleted either by specifying an Expires attribute that denotes a timestamp for a past moment, or by specifying a Max-Age attribute with a zero or negative number.

Josh-Cena commented 3 months ago

Fixed by https://github.com/mdn/content/pull/33138

quinncomendant commented 3 months ago

Hi @Josh-Cena, there are a lot of changes introduced in https://github.com/mdn/content/pull/33138, so forgive me if I missed it, but I don't see where this pull request addresses the issue (specifically, it doesn't provide a code example showing how to immediately delete an existing cookie). Thanks!

Josh-Cena commented 3 months ago

You are right, it should probably be demonstrated more explicitly.