Skip to content
This repository has been archived by the owner on Jan 24, 2019. It is now read-only.

Commit

Permalink
more robust ClearSessionCookie()
Browse files Browse the repository at this point in the history 
default domain changed from request Host to blank, recently
try to clear cookies for both
  • Loading branch information
@ploxiln
ploxiln committed Dec 13, 2017
1 parent d75f626 commit 8a62e3c
Showing 1 changed file with 9 additions and 1 deletion.
10 changes: 9 additions & 1 deletion oauthproxy.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -300,7 +300,15 @@ func (p *OAuthProxy) SetCSRFCookie(rw http.ResponseWriter, req *http.Request, va
}

func (p *OAuthProxy) ClearSessionCookie(rw http.ResponseWriter, req *http.Request) {
http.SetCookie(rw, p.MakeSessionCookie(req, "", time.Hour*-1, time.Now()))
clr := p.MakeSessionCookie(req, "", time.Hour*-1, time.Now())
http.SetCookie(rw, clr)

// ugly hack because default domain changed
if p.CookieDomain == "" {
clr2 := *clr
clr2.Domain = req.Host
http.SetCookie(rw, &clr2)
}
}

func (p *OAuthProxy) SetSessionCookie(rw http.ResponseWriter, req *http.Request, val string) {
Expand Down

0 comments on commit 8a62e3c

Please sign in to comment.