I want to logout my web App in browser when click the logout button.And want to implement it just with js code.So,there's no logout servlet. That means,i need to delete the sessionid which is used now and stored in browser memory,but how can I do the same?
I want to logout my web App in browser when click the logout button.And want to implement it just with js code.So,there's no logout servlet. That means,i need to delete the sessionid which is used now and stored in browser memory,but how can I do the same?
Share Improve this question edited Apr 26, 2012 at 6:30 Ramesh 13.3k4 gold badges54 silver badges88 bronze badges asked Apr 26, 2012 at 6:21 SKing7SKing7 3012 gold badges4 silver badges4 bronze badges1 Answer
Reset to default 11All your session cookies should be httpOnly for security reasons. This would ensure the cookies are not accessible in javascript and would reduce the risk in case of XSS attach. Which also means that the cookie cannot be just cleared at client side.
When the user clicks logout, you may be interested in clearing the server side resources. At least for that you should be hitting the server.
With the above being said. I would remend you make an AJAX call to your servlet and which can clear your cookie as well as free up server side resources allocated for that session.
If you are still not convinced and have to clear the cookie using javascript please refer to SO question delete cookies using javascript