From e2829f5225810cb27e3f44055d1b3891d692e638 Mon Sep 17 00:00:00 2001 From: Frederico Santos Date: Mon, 22 Jul 2024 22:41:51 +0100 Subject: [PATCH] fix: Update removeCookie function to use Max-Age=-1 instead of Expires header The removeCookie function was updated to use the Max-Age=-1 attribute instead of setting the Expires header to a past date. This change ensures that the cookie is immediately expired when removed, preventing any potential login loops. Additionally, a legacy cookie without a domain was added to handle older cookies. This commit resolves the unnecessary cookie setting in the removeCookie function. --- src/utils.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/utils.ts b/src/utils.ts index 3b26fa23e99..9c1b12882de 100644 --- a/src/utils.ts +++ b/src/utils.ts @@ -301,8 +301,8 @@ export function setCookie(cName: string, cValue: string): void { } export function removeCookie(cName: string): void { - document.cookie = `${cName}=;Secure;SameSite=Strict;Domain=${window.location.hostname};Path=/;Expires=Thu, 01 Jan 1970 00:00:00 GMT`; - document.cookie = `${cName}=;Secure;SameSite=Strict;Path=/;Expires=Thu, 01 Jan 1970 00:00:00 GMT`; + document.cookie = `${cName}=;Secure;SameSite=Strict;Domain=${window.location.hostname};Path=/;Max-Age=-1`; + document.cookie = `${cName}=;Secure;SameSite=Strict;Path=/;Max-Age=-1`; // legacy cookie without domain, for older cookies to prevent a login loop } export function getCookie(cName: string): string {