From bb5b14b963a1c7cb8906780eef2fd7c8feeccb82 Mon Sep 17 00:00:00 2001
From: Ron Kuris <swcafe@gmail.com>
Date: Wed, 15 Apr 2020 05:56:30 -0700
Subject: [PATCH] Include a path when clearing the cookie (#278)

Some browsers will refuse to remove a cookie that doesn't include the path
---
 samlsp/session_cookie.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/samlsp/session_cookie.go b/samlsp/session_cookie.go
index 6aa3b553..9668cfef 100644
--- a/samlsp/session_cookie.go
+++ b/samlsp/session_cookie.go
@@ -67,6 +67,7 @@ func (c CookieSessionProvider) DeleteSession(w http.ResponseWriter, r *http.Requ
 
 	cookie.Value = ""
 	cookie.Expires = time.Unix(1, 0) // past time as close to epoch as possible, but not zero time.Time{}
+	cookie.Path = "/"
 	http.SetCookie(w, cookie)
 	return nil
 }