*真的*用javascript删除cookie [英] *Really* deleting cookies with javascript
问题描述
在javascript中删除Cookie的方法是将过期日期设置为过期日期。现在这不会真正删除cookie,至少在Firefox中。
The way to delete cookies in javascript is to set the expiry date to be in the past. Now this doesn't actually delete the cookie, at least in Firefox. It just means the cookie will be deleted on browser close.
这是我们的一个问题:我们有一个产品涉及归档来自许多网站的网页,所有网站这个内容存储在我们的服务器上。为了确保页面呈现正确,我们包括所有的js。但是,通常cookie由js设置,并且由于页面缓存在我们的服务器上,这些cookie设置在我们的域下。
This is a problem for us: we have a product that involves archiving web pages from potentially many sites, with all this content stored on our server. And to make sure that pages render properly we include all js as well. However often cookies are set by js, and given that the page is cached on our server, these cookies are set under our domain.
因此,随着时间的推移,来自数十个归档网站的Cookie在我们的域下建立。最后,Cookie标头超过了最大内容长度,导致出现HTTP 400错误代码。
So over time cookies from dozens of archived sites build up under our domain. And eventually the Cookie header exceeds the max content length, resulting in an HTTP 400 error code.
由于我们的客户端大多在企业环境中,他们从不重新启动计算机或关闭他们的浏览器:他们可以留下几个月。所以这个软删除不起作用,至少不可靠。
And because our clients are mostly in corporate environments they never reboot their machines or close their browsers: they can be left on for months. So this "soft" delete doesn't work, at least not reliably.
有没有什么方法在javscript中物理删除cookie session-session?或者,有没有办法阻止他们设置?
Is there any way to physically remove cookies intra-session in javscript? Or alternatively, is there any way to stop them being set?
推荐答案
这是不可能的。期。
谁发明了 cookie getter / setter应该是%insert_painful_punishment_here%。
Whoever invented the cookie getter/setter should be %insert_painful_punishment_here%.
特别是Internet Exploder是一个野兽,当谈到删除cookie。我不记得确切的问题,但我认为它涉及https和cookie名称包含; 。
Particularly Internet Exploder is a beast when it comes to deleting cookies. I can't remember the exact issue, but I think it involved https and cookie names containing ;.
我可以提供是一个解决方法:发送一个响应正文与您的400响应,像请重新启动您的浏览器。
All I can offer is a workaround: Send a response body with your 400 response, something like 'please restart your browser'.
这篇关于*真的*用javascript删除cookie的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
