bug: [Android] [Http / Cookies] Cookies set by server cannot be deleted by the client

[silviogutierrez]

Bug Report

Capacitor Version

💊   Capacitor Doctor  💊

Latest Dependencies:

  @capacitor/cli: 4.6.1
  @capacitor/core: 4.6.1
  @capacitor/android: 4.6.1
  @capacitor/ios: 4.6.1

Installed Dependencies:

  @capacitor/cli: 4.6.1
  @capacitor/core: 4.6.1
  @capacitor/android: 4.6.1
  @capacitor/ios: 4.6.1

[success] iOS looking great! 👌
[success] Android looking great! 👌

Platform(s)

Android

Current Behavior

Set a cookie on the server, using Set-Cookie header. Try deleting it on the client by manipulating document.cookie. It won't take effect and the Cookie header will still be sent.

Sample code to delete a cookie:

document.cookie = `${cookieName}=;expires=Thu, 01 Jan 1970 00:00:01 GMT;`;

Expected Behavior

Unless forbidden/invisible due to HttpOnly, you should be able to unset a cookie on the client.

Code Reproduction

https://github.com/silviogutierrez/capacitor-http-tester (#6177)

1. Clone the repository.
2. Run npm install and npm cap sync to get both platforms working.
3. Run npm run build && node server.js to start the local server.
4. Open http://localhost:3000 and see how everything works on the browser.
5. Run npx cap open ios and run the simulator, observe passing/failing tests.
6. Run npx cap open android and run the emulator, observe passing/failing test with this issue number.