res.clearCookie() now ignores maxAge #4852

tjarbo · 2022-03-08T17:48:33Z

This pr fixes #4851.

I have ...

added a new test that covers my changes
run linter

Segmentational · 2022-06-28T19:37:07Z

Testing the changes, in the unit-test:

  // ... blah blah blah
  [Symbol(kOutHeaders)]: [Object: null prototype] {
    'x-powered-by': [ 'X-Powered-By', 'Express' ],
    'set-cookie': [
      'Set-Cookie',
      'sid=; Path=/admin; Expires=Thu, 01 Jan 1970 00:00:00 GMT'
    ]
  }
}

confirms the maxAge attribute is indeed removed. Output following the request.end() call yields

// ... blah blah blah
 _maxListeners: undefined,
  _enableHttp2: false,
  _agent: false,
  _formData: null,
  method: 'GET',
  url: 'http://127.0.0.1:46159/',
  _header: {},
  header: {},
  writable: true,
  _redirects: 0,
  _maxRedirects: 0,
  cookies: '',
// ... blah blah blah

Great, cookies are not set in the raw http response!

Due to my little experience in our test suite, another PR would be useful. But to my understanding things are looking good.

Segmentational · 2022-06-28T19:40:47Z

test/res.clearCookie.js

+      var app = express();
+
+      app.use(function(req, res){
+        res.clearCookie('sid', { path: '/admin', maxAge: 900 }).end();


// ... blah blah blah [Symbol(kOutHeaders)]: [Object: null prototype] { 'x-powered-by': [ 'X-Powered-By', 'Express' ], 'set-cookie': [ 'Set-Cookie', 'sid=; Path=/admin; Expires=Thu, 01 Jan 1970 00:00:00 GMT' ] } }

Segmentational · 2022-06-28T19:40:49Z

test/res.clearCookie.js

+      .get('/')
+      .expect('Set-Cookie', 'sid=; Path=/admin; Expires=Thu, 01 Jan 1970 00:00:00 GMT')
+      .expect(200, done)
+    })


Takes the shape:

// ... blah blah blah _maxListeners: undefined, _enableHttp2: false, _agent: false, _formData: null, method: 'GET', url: 'http://127.0.0.1:46159/', _header: {}, header: {}, writable: true, _redirects: 0, _maxRedirects: 0, cookies: '', // ... blah blah blah

Segmentational

Looks good -- I was able to verify the expected raw http outputs

kaj

Excellent!

res.clearCookie now ignores maxAge. fixes expressjs#4851

a6ad7ea

import-brain added the pr label Mar 8, 2022

dougwilson added bug 4.x labels Mar 13, 2022

dougwilson added this to the 4.18 milestone Mar 13, 2022

dougwilson added 5.x and removed bug 4.x labels Mar 24, 2022

dougwilson removed this from the 4.18 milestone Mar 24, 2022

Segmentational reviewed Jun 28, 2022

View reviewed changes

Segmentational approved these changes Jun 28, 2022

View reviewed changes

Segmentational mentioned this pull request Jun 28, 2022

res.clearCookie() does not ignore maxAge #4851

Open

dougwilson force-pushed the master branch 2 times, most recently from eb10dba to 340be0f Compare October 6, 2022 14:16

kaj reviewed May 10, 2023

View reviewed changes

UlisesGascon mentioned this pull request Apr 24, 2024

Express 5.0 - last push! expressjs/discussions#233

Open

22 tasks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

res.clearCookie() now ignores maxAge #4852

res.clearCookie() now ignores maxAge #4852

tjarbo commented Mar 8, 2022

Segmentational commented Jun 28, 2022

Segmentational Jun 28, 2022

Segmentational Jun 28, 2022

Segmentational left a comment

kaj left a comment

res.clearCookie() now ignores maxAge #4852

Are you sure you want to change the base?

res.clearCookie() now ignores maxAge #4852

Conversation

tjarbo commented Mar 8, 2022

Segmentational commented Jun 28, 2022

Segmentational Jun 28, 2022

Choose a reason for hiding this comment

Segmentational Jun 28, 2022

Choose a reason for hiding this comment

Segmentational left a comment

Choose a reason for hiding this comment

kaj left a comment

Choose a reason for hiding this comment