I have a controller (on Tomcat 7) from which I want to delete cookies. My domain is "test.mydomain.de", for example. Here is my code:
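
    import javax.servlet.http.Cookie;
    import javax.servlet.http.HttpServletRequest;
    import javax.servlet.http.HttpServletResponse;

    private void removeCookies(HttpServletRequest request, HttpServletResponse response) {
        Cookie[] allCookies = request.getCookies();
        if (allCookies == null) {
            return; // getCookies() returns null when the request carries no cookies
        }
        for (Cookie cookie : allCookies) {
            // Expire every cookie except the session cookie
            if (!cookie.getName().equals("JSESSIONID")) {
                cookie.setMaxAge(0);
                response.addCookie(cookie);
            }
        }
    }
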
That works well for cookies set with domain "test.mydomain.de". But there are 2 cookies set by JavaScript with domain (host) ".mydomain.de". Path is "/". They are not secure and not httponly. I tried cookie.setDomain(".mydomain.de"); and cookie.setPath("/");. In the response header (Set-Cookie) I see Expires=Thu, 01-Jan-1970 00:00:10 GMT but Firefox (version 14.0.1) does not delete the cookies.