Skip to content

Commit

Permalink
more robust ClearSessionCookie()
Browse files Browse the repository at this point in the history 
default domain changed from request Host to blank, recently
try to clear cookies for both
  • Loading branch information
@ploxiln
ploxiln committed Dec 19, 2017
1 parent d75f626 commit 74d0fbc
Showing 1 changed file with 9 additions and 1 deletion.
10 changes: 9 additions & 1 deletion oauthproxy.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -300,7 +300,15 @@ func (p *OAuthProxy) SetCSRFCookie(rw http.ResponseWriter, req *http.Request, va
}

func (p *OAuthProxy) ClearSessionCookie(rw http.ResponseWriter, req *http.Request) {
http.SetCookie(rw, p.MakeSessionCookie(req, "", time.Hour*-1, time.Now()))
clr := p.MakeSessionCookie(req, "", time.Hour*-1, time.Now())
http.SetCookie(rw, clr)

// ugly hack because default domain changed
if p.CookieDomain == "" {
clr2 := *clr
clr2.Domain = req.Host
http.SetCookie(rw, &clr2)
}
}

func (p *OAuthProxy) SetSessionCookie(rw http.ResponseWriter, req *http.Request, val string) {
Expand Down

0 comments on commit 74d0fbc

Please sign in to comment.