Status: New
Owner: ----
Labels: Type-Defect Priority-Medium

New issue 3294 by provide DELETE for

What version are you running?

What's the URL of the page containing the problem?

What steps will reproduce the problem?
1. use DELETE method for

What is the expected output? What do you see instead?
I get: 405 Method Not Allowed
this is the documented behavior -
But since the defaults are persistent cookies backed by a database,
I would like to have a way to delete sessions; proper logout workflow for my use case.

What operating system are you using? What browser?
CentOS 6.5 / Chrome

Please provide any additional information below.
here is my workflow:
- login and get a cookie from a service accounts (e.g. jenkins)
- provide cookie to test job so they can get more information, e.g.
  - repository
  - diff
- destroy cookie so nobody else can make requests?

the problem is that if somebody gets a hold of the rbsessionid, they
can use it regardless of me doing best efforts to destroy the cookie.

You received this message because this project is configured to send all issue notifications to this address.
You may adjust your notification preferences at:

You received this message because you are subscribed to the Google Groups 
"reviewboard-issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
To post to this group, send email to
Visit this group at
For more options, visit

Reply via email to