* Allow to unset cookies via negative lifetime values

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1923725 13f79535-47bb-0310-9956-ffa450edef68
apache · Feb 11, 2025 · 3af0d14 · 3af0d14
1 parent eb450d3
commit 3af0d14
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 1 deletion.
diff --git a/changes-entries/mod_rewrite_unset_cookie.txt b/changes-entries/mod_rewrite_unset_cookie.txt
@@ -0,0 +1 @@
+  *) mod_rewrite: Allow to unset cookies in the browser. [Ruediger Pluem]
diff --git a/docs/manual/rewrite/flags.xml b/docs/manual/rewrite/flags.xml
@@ -223,6 +223,7 @@ security model.</dd>
 <dd>A value of 0 indicates that the cookie will persist only for the
 current browser session. This is the default value if none is
 specified.</dd>
+<dd>A negative value causes the cookie to be unset in the browser.</dd>
 
 <dt>Path</dt>
 <dd>The path, on the current website, for which the cookie is valid,

diff --git a/modules/mappers/mod_rewrite.c b/modules/mappers/mod_rewrite.c
@@ -2758,7 +2758,7 @@ static void add_cookie(request_rec *r, char *s)
                 long exp_min;
 
                 exp_min = atol(expires);
-                if (exp_min) {
+                if (exp_min > 0) {
                     apr_time_exp_gmt(&tms, r->request_time
                                      + apr_time_from_sec((60 * exp_min)));
                     exp_time = apr_psprintf(r->pool, "%s, %.2d-%s-%.4d "
@@ -2769,6 +2769,9 @@ static void add_cookie(request_rec *r, char *s)
                                            tms.tm_year+1900,
                                            tms.tm_hour, tms.tm_min, tms.tm_sec);
                 }
+                else if (exp_min < 0) {
+                    exp_time = "Thu, 01 Jan 1970 00:00:00 GMT";
+                }
             }
 
             cookie = apr_pstrcat(rmain->pool,
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		*) mod_rewrite: Allow to unset cookies in the browser. [Ruediger Pluem]