问题
I am working on a function to delete the session cookies
Here is the source code:
<script language="javascript">
window.onload = function ()
{
/* $.cookie('!lithiumSSO:tomtom.stage', null);
$.cookie('LiSESSIONID', null);*/
delete_cookie('LiSESSIONID');
delete_cookie('!lithiumSSO:tomtom.stage');
};
function delete_cookie ( cookie_name )
{
var cookie_date = new Date ( ); // current date & time
cookie_date.setTime ( cookie_date.getTime() - 1 );
document.cookie = cookie_name += "=; expires=" + cookie_date.toGMTString();
alert('name:' +cookie_name);
jQuery.cookie('LiSESSIONID', null); //Try to using jQuery
}
I can set got a pop up window displays name:LiSESSIONID=; expires=Wed, 02 Feb 2011 10:56:52 GMT. Which is one hour behind. However, when I use firecookies, i saw this cookie still exists:
LiSESSIONID
7A10E3453B01DDFF934AC7AF71EAFEC3
forums.lithiumstage.tomtom.com
43 B
/
Session
HttpOnly
Does anyone have an idea why i can not kill the cookies? jQuery function state said undefined even I load the function
Thanks
回答1:
The reason is because the HttpOnly flag is set. This means that only the server side code can modify this cookie.
See: http://www.owasp.org/index.php/HTTPOnly
来源:https://stackoverflow.com/questions/4873591/delete-session-cookies-by-using-javascript