I am trying to write PHP code to delete all of the user cookies on my domain.
Here is what I got:
<?php
$domain = 'www.example';
$deleteExpiration = time() - 60*60*24*365*10; // 10 years ago
foreach (array_keys($_COOKIE) as $cookie) {
setcookie($cookie, 0, $deleteExpiration, '/', $domain);
}
Running this code on .php deletes all cookies that were set on the server, but not cookies that were set in JavaScript.
I verified using the Firefox Cookies dialog that the problematic cookies are indeed from (path=/; domain=www.example). Using Live HTTP headers, I can see that the following header is sent:
Set-Cookie: CookieName=0; expires=Fri, 12-Mar-1999 19:36:15 GMT; path=/; domain=www.example
So I believe the setcookie mand is working as expected. Firefox is just not honoring the request.
One additional thing that I noticed is that if I set a cookie with domain=www.example on the server, then it is listed in the Firefox cookie dialog with domain=".www.example", but if I set the following cookie using JavaScript code then the leading dot is not added.
What am I doing wrong? How can I delete these cookies?
I am trying to write PHP code to delete all of the user cookies on my domain.
Here is what I got:
<?php
$domain = 'www.example.';
$deleteExpiration = time() - 60*60*24*365*10; // 10 years ago
foreach (array_keys($_COOKIE) as $cookie) {
setcookie($cookie, 0, $deleteExpiration, '/', $domain);
}
Running this code on http://www.example./delete_cookies.php deletes all cookies that were set on the server, but not cookies that were set in JavaScript.
I verified using the Firefox Cookies dialog that the problematic cookies are indeed from (path=/; domain=www.example.). Using Live HTTP headers, I can see that the following header is sent:
Set-Cookie: CookieName=0; expires=Fri, 12-Mar-1999 19:36:15 GMT; path=/; domain=www.example.
So I believe the setcookie mand is working as expected. Firefox is just not honoring the request.
One additional thing that I noticed is that if I set a cookie with domain=www.example. on the server, then it is listed in the Firefox cookie dialog with domain=".www.example.", but if I set the following cookie using JavaScript code then the leading dot is not added.
What am I doing wrong? How can I delete these cookies?
Share Improve this question edited Aug 10, 2014 at 10:26 Sam 7,39816 gold badges47 silver badges68 bronze badges asked Mar 9, 2009 at 19:41 sagisagi 5,7671 gold badge33 silver badges31 bronze badges 2- stackoverflow./a/25967822/1642018 – user1642018 Commented Sep 22, 2014 at 6:29
-
You might find
$cookie->delete()helpful, as found in this standalone library. – caw Commented Sep 21, 2016 at 3:52
1 Answer
Reset to default 6I've had a similar issue and it was solved by just not passing the domain.
setcookie($cookie, '', 1, '/');
On a side note from cookie_spec "Setting the path to a higher-level value does not override other more specific path mappings. If there are multiple matches for a given cookie name, but with separate paths, all the matching cookies will be sent." So if you have same name cookies at different path locations you will have to delete each one.