deleting cookie from $cookies doesn't delete cookie in IE #3988

Closed
jnizet opened this Issue Sep 12, 2013 · 5 comments

Projects

None yet

4 participants

@jnizet
Contributor
jnizet commented Sep 12, 2013

Here's the situation:

The application is served from the root of a web server.
The index.html doesn't have a <base> tag. The server sets a session cookie named XSRF-TOKEN with a path set to /. This cookie is visible by the JS code, and is present in the $cookies object. But calling delete $cookies['XSRF-TOKEN'] or $cookies['XSRF-TOKEN'] = undefined does not delete the cookie from the browser.

If, in debug mode, I set the cookiePath variable to '/' (in angular.js, in the cookies API), then the cookie is deleted.

If I add a <base href="/" /> to index.html, then the cookie is also deleted (but I don't see why I would need a base tag when the app is served from the root).

If I don't set the path of the cookie to /, it isn't visible from JavaScript.

If I change the following line in angular.js :

rawDocument.cookie = escape(name) + "=;path=" + cookiePath + ";expires=Thu, 01 Jan 1970 00:00:00 GMT";

to

rawDocument.cookie = escape(name) + "=;expires=Thu, 01 Jan 1970 00:00:00 GMT"; 

then the cookie is deleted. But I'm not sure what the goal and importance of the path attribute is in this line.

This is with angular 1.2.0-rc.1.

@jnizet
Contributor
jnizet commented Sep 12, 2013

Workaround: if I don't set the cookie in the response, from the server, but simply return it as part of the response body (in JSON), and then create the cookie in the browser, using $cookies, everything works fine.

@petebacondarwin
Member

IE has some funny things going on with cookies. Can you confirm if the problem exists in other browsers?

@jnizet
Contributor
jnizet commented Sep 16, 2013

I haven't reproduced it with Chrome and Firefox. I haven't tested with other ones.

@saulovenancio

Can some one help with this problem.
It is not deleting cookie on Chrome iether.
I try to delete it using $cookies and also $cookieStore and it is not removing it.
If i try to use both of these commands and then retrieve document.cookie
the cookie is still there.
Is there any reason for that?
Thanks for responses.

@khaledmasud82

Check out the link below
https://code.google.com/p/selenium/issues/detail?id=5101
In which project member states, that:

httpOnly cookies can not be deleted. In some cased httpOnly cookie set true by default. Changed this to false and then try to delete cookies.

@shahata shahata added a commit to shahata/angular.js that referenced this issue Dec 19, 2014
@shahata shahata feat($cookieStore): add options support for put method
Closes #8324, #3988, #1786, #950
73fccee
@shahata shahata added a commit to shahata/angular.js that referenced this issue Dec 19, 2014
@shahata shahata feat($cookieStore): add options support for put method
Closes #8324, #3988, #1786, #950
99beb32
@shahata shahata added a commit to shahata/angular.js that referenced this issue Dec 19, 2014
@shahata shahata feat($cookieStore): add options support for put method
Closes #8324, #3988, #1786, #950
1a8e225
@shahata shahata added a commit to shahata/angular.js that referenced this issue Jan 5, 2015
@shahata shahata feat($cookieStore): add options support for put method
Closes #8324
Closes #3988
Closes #1786
Closes #950
d456789
@shahata shahata added a commit to shahata/angular.js that referenced this issue Feb 28, 2015
@shahata shahata feat($cookieStore): add options support for put method
Closes #8324
Closes #3988
Closes #1786
Closes #950
4c27f2f
@shahata shahata added a commit to shahata/angular.js that referenced this issue Feb 28, 2015
@shahata shahata feat($cookieStore): add options support for put method
Closes #8324
Closes #3988
Closes #1786
Closes #950
86ebe06
@shahata shahata added a commit to shahata/angular.js that referenced this issue Feb 28, 2015
@shahata shahata feat($cookieStore): add options support for put method
Closes #8324
Closes #3988
Closes #1786
Closes #950
2225f46
@shahata shahata added a commit to shahata/angular.js that referenced this issue Mar 1, 2015
@shahata shahata feat($cookieStore): add options support for put method
Closes #8324
Closes #3988
Closes #1786
Closes #950
fa39098
@shahata shahata added a commit to shahata/angular.js that referenced this issue Mar 1, 2015
@shahata shahata feat($cookieStore): add options support for put method
Closes #8324
Closes #3988
Closes #1786
Closes #950
b5894ab
@shahata shahata added a commit to shahata/angular.js that referenced this issue Mar 2, 2015
@shahata shahata feat($cookies): allow passing cookie options
The `put`, `putObject` and `remove` methods now take an options parameter
where you can provide additional options for the cookie value, such as `expires`,
`path`, `domain` and `secure`.

Closes #8324
Closes #3988
Closes #1786
Closes #950
56c6352
@shahata shahata added a commit to shahata/angular.js that referenced this issue Mar 2, 2015
@shahata shahata feat($cookies): allow passing cookie options
The `put`, `putObject` and `remove` methods now take an options parameter
where you can provide additional options for the cookie value, such as `expires`,
`path`, `domain` and `secure`.

Closes #8324
Closes #3988
Closes #1786
Closes #950
553f883
@shahata shahata added a commit to shahata/angular.js that referenced this issue Mar 2, 2015
@shahata shahata feat($cookies): allow passing cookie options
The `put`, `putObject` and `remove` methods now take an options parameter
where you can provide additional options for the cookie value, such as `expires`,
`path`, `domain` and `secure`.

Closes #8324
Closes #3988
Closes #1786
Closes #950
7eb087c
@shahata shahata added a commit to shahata/angular.js that referenced this issue Mar 2, 2015
@shahata shahata feat($cookies): allow passing cookie options
The `put`, `putObject` and `remove` methods now take an options parameter
where you can provide additional options for the cookie value, such as `expires`,
`path`, `domain` and `secure`.

Closes #8324
Closes #3988
Closes #1786
Closes #950
0d734da
@shahata shahata added a commit to shahata/angular.js that referenced this issue Mar 2, 2015
@shahata shahata feat($cookies): allow passing cookie options
The `put`, `putObject` and `remove` methods now take an options parameter
where you can provide additional options for the cookie value, such as `expires`,
`path`, `domain` and `secure`.

Closes #8324
Closes #3988
Closes #1786
Closes #950
7ba78ce
@shahata shahata added a commit that closed this issue Mar 2, 2015
@shahata @petebacondarwin shahata + petebacondarwin feat($cookies): allow passing cookie options
The `put`, `putObject` and `remove` methods now take an options parameter
where you can provide additional options for the cookie value, such as `expires`,
`path`, `domain` and `secure`.

Closes #8324
Closes #3988
Closes #1786
Closes #950
92c366d
@shahata shahata closed this in 92c366d Mar 2, 2015
@hansmaad hansmaad pushed a commit to hansmaad/angular.js that referenced this issue Mar 10, 2015
@shahata shahata + hansmaad feat($cookies): allow passing cookie options
The `put`, `putObject` and `remove` methods now take an options parameter
where you can provide additional options for the cookie value, such as `expires`,
`path`, `domain` and `secure`.

Closes #8324
Closes #3988
Closes #1786
Closes #950
7f06ca9
@netman92 netman92 added a commit to netman92/angular.js that referenced this issue Aug 8, 2015
@shahata @netman92 shahata + netman92 feat($cookies): allow passing cookie options
The `put`, `putObject` and `remove` methods now take an options parameter
where you can provide additional options for the cookie value, such as `expires`,
`path`, `domain` and `secure`.

Closes #8324
Closes #3988
Closes #1786
Closes #950
a10e240
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment