0

I'm trying to delete a cookie, as detailed here

It works fine in Chrome, FF, but in IE11 it has no affect -i.e. subsequent requests to this domain send the vp_token cookie with the value that existed prior to this response.

Question: why does this response fail to 'delete' the vp_token cookie?

Note that it's a 302 response.

response headers

Community
  • 1
  • 1
tom
  • 2,189
  • 2
  • 15
  • 27
  • Have you tried setting the cookie expiration date further back in time than only 24 hours? – Adrian Sanguineti Mar 04 '15 at 00:57
  • Also does the 302 redirect to a different domain? – Adrian Sanguineti Mar 04 '15 at 01:17
  • The 302 is to the same domain. I'll try setting it back more than 24 hours, but seems like a weird possibility – tom Mar 04 '15 at 19:25
  • I tried 10 days, made no difference. – tom Mar 04 '15 at 21:24
  • Would you be able to provide more information on the request you are making? Instead of using IE dev tools, use [Fiddler](http://www.telerik.com/fiddler) to capture request. It would be good to see the original request with all headers, the 302 response as above, and the subsequent requests/responses that show that the cookie is still there. – Adrian Sanguineti Mar 04 '15 at 22:08
  • I have also noticed that you're using an older version of IE 11. Microsoft [changed the developer tools back in Dec 14](http://blogs.msdn.com/b/ie/archive/2014/12/09/announcing-the-redesigned-f12-developer-tools-interface.aspx). If it's possible for you to update, it would be interesting to see if the issue still occurs. – Adrian Sanguineti Mar 04 '15 at 22:19

1 Answers1

0

The server in this case was a testing environment, for which I have a self-signed SSL cert. The problem is not reproducible on our production environment, which uses a Digicert SSL cert.

So I'm going to tentatively conclude that this is a bug in IE related to self-signed SSL certs. Happy to change that assumption if anyone can shed more light on it!

tom
  • 2,189
  • 2
  • 15
  • 27
  • That is interesting. Have you tried adding the self-signed SSL cert to your local certificate store so that it is trusted and then see if the bug still occurs? – Adrian Sanguineti Mar 04 '15 at 21:49
  • Actually, it's already in the Windows certificate store, so I dont get any SSL errors. I should have mentioned the before.. It says, amongst other things "The connection to this server is encrypted" – tom Mar 04 '15 at 23:09