Re: Deleting a cookie

Hans Bergsten Sun, 3 Jan 1999 02:23:08 -0800
Marc Tremblay wrote:
>
> > The main problem here is that the code above only sets the max age in the
> > cookie object on the server. But the cookie lives on the client, so the
> > client must be told about it in order for the cookie to be
> > deleted. The way
> > you do that is by adding the modified cookie to the response, i.e.
> >
> >   cookies[i].setMaxAge(0);
> >   response.addCookie(cookies[i]);
> >
> > It's also true that to guarantee that the response headers
> > (including cookie
> > headers) are sent to the client, you shouldn't write any part of the
> > response body until you have set all headers. But most servlet containers
> > buffer the response body up to some limit (something like 4K) so I don't
> > think that's a problem here.
>
> So theoretically then the following code should work?
>
> public void service(HttpServletRequest request, HttpServletResponse
> response) throws ServletException, IOException {
>         Cookie[] cookies = request.getCookies();
>
>         PrintWriter out = response.getWriter();
>
>         response.setContentType("text/html");
>
>         if (cookies != null) {
>           for (int i = 0; i < cookies.length; i++) {
>             cookies[i].setMaxAge(0);
>             response.addCookie(cookies[i]);
>           }
>         }
>
>         out.println("<html><head><title>ClearCookies</title></head><body>");
>         out.println("<h2>ClearCookies</h2><hr>");
>
>         out.println("<b>Your cookies have been deleted</b>");
>
>         out.println("<hr></body></html>");
>
>         out.close();
>     }
>
> I say theoretically because it doesn't for either MSIE 5 or Netscape 4.7.
> Am I to assume that this API is broken?

Which servlet engine are you using? It can be a bug there. If you telnet to
the web server and issue a request for the page you can see exactly what the
Set-Cookie header returned by the server looks like. If I remember correctly
it should look like

  Set-Cookie foo=bar; expires="Thu, 01-Jan-1970 00:00:00 GMT"

--
Hans Bergsten           [EMAIL PROTECTED]
Gefion Software         http://www.gefionsoftware.com

___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".

Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
Re: Deleting a cookie

Reply via email to
