Cancel cookies older than a certain date for www. and domain without www

I want to disable all cookies in my domain so that a “fresh start” can be forced for all users ...

The next bit of code works, but it does not cancel cookies from the domain with www.

<?php
// Check if this script has run before
if (!isset($_COOKIE['purged_once'])) {

  // Check for old cookies
  if (isset($_SERVER['HTTP_COOKIE'])) {

    $cookies = explode(";", $_SERVER['HTTP_COOKIE']);

    // Iterate and unset all cookies
    foreach ($cookies as $cookie) {

      $fields = explode("=", $cookie);
      $name = trim($fields[0]);

      // unset any cookie for the current path
      setcookie($name, "", time() - 3600);

      // unset the cookie for the root path
      setcookie($name, "", time() - 3600, "/");
    }
  }

  // Set a purged marker for the current path
  setcookie("purged_once", "1", strtotime("+6 months"));
}
?>

The website is forced to use non-www and https through .htaccess rules:

<IfModule mod_rewrite.c>
    # Force HTTPS & NON-WWW
    RewriteEngine On
    RewriteCond %{HTTPS} !=on  [OR]
    RewriteCond %{HTTP_HOST} !^website\.com$ [NC]
    RewriteRule ^ https://website.com%{REQUEST_URI} [R=301,L]
</IfModule>

So I'm looking for a way to run this over https://www.website.com to force all cookies to be deleted for this subdomain.

How can this be achieved?

+4
4 answers

setcookie . , cookie . , cookie . , setcookie('cookie_name', 'cookie_value', 3600, '/', 'website.com') cookie example.com , . www.example.com, sub.example.com .. , , cookie :

setcookie('cookie_name', 'cookie_value', 3600, '/', '.website.com');

, cookie, :

  // unset any cookie for the current path
  setcookie($name, "", time() - 3600, '', 'website.com');
  setcookie($name, "", time() - 3600, '', '.website.com');

  // unset the cookie for the root path
  setcookie($name, "", time() - 3600, "/", 'website.com');
  setcookie($name, "", time() - 3600, "/", '.website.com');

domain setcookie:

setcookie ($name, $value, $expire, $path, $domain, $secure, $httponly)

$

(), cookie. (, "www.example.com" ) cookie (.. W2.www.example.com). cookie ( ), ( example.com).

, "RFC 2109", . .

+4
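
As an added example (not code from the question or from any answer), this builds the expired Set-Cookie lines for every path and domain scope a cookie could have been set with, because a delete only takes effect when name, path and domain match the stored cookie. It clears the www cookies only when the response is served from www.website.com itself, so it has to run there before the redirect; the function names and the demo values are assumptions.

```php
<?php
// Added example, not code from the thread; the demo input at the bottom is constructed.
/** Paths a cookie sent with $requestPath could be scoped to (a superset). */
function candidate_paths(string $requestPath): array
{
    $paths = ['/'];
    $prefix = '';
    foreach (array_filter(explode('/', $requestPath), 'strlen') as $segment) {
        $prefix .= '/' . $segment;
        array_push($paths, $prefix, $prefix . '/');
    }
    return $paths;
}

/** null means host-only (no Domain attribute); then the host and each parent domain. */
function candidate_domains(string $host): array
{
    $host = strtolower(preg_replace('/:\d+$/', '', $host));
    // The Host header is client-supplied: ignore anything that is not a plain hostname.
    $labels = preg_match('/^[a-z0-9.-]+$/', $host) ? explode('.', $host) : [];
    $domains = [null];
    for (; count($labels) >= 2; array_shift($labels)) {
        $domains[] = implode('.', $labels);
    }
    return $domains;
}

/** Expired Set-Cookie lines for every cookie name found in a raw Cookie header. */
function purge_headers(string $cookieHeader, string $host, string $requestPath): array
{
    $headers = [];
    foreach (explode(';', $cookieHeader) as $pair) {
        $name = trim(explode('=', $pair, 2)[0]);
        // Echo back only names that are valid cookie-name tokens (RFC 6265).
        if (!preg_match('/^[!#$%&\'*+\-.^_`|~0-9A-Za-z]+$/', $name)) {
            continue;
        }
        foreach (candidate_domains($host) as $domain) {
            foreach (candidate_paths($requestPath) as $path) {
                $headers[] = "Set-Cookie: $name=; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=$path"
                    . ($domain === null ? '' : "; Domain=$domain");
            }
        }
    }
    return $headers;
}

// In a page: foreach (...) header($line, false). Here the lines are just printed.
echo implode("\n", purge_headers('session=abc; theme=dark', 'www.website.com', '/shop/cart.php')), "\n";
```

Browsers discard the lines whose Domain they do not accept for the responding host (a public suffix, for instance), so the extra variants are harmless.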

, ( http https). , , , , www.website.com, cookie .

:

  • cookie , .htaccess, ,
  • , cookie , %{HTTP_COOKIE} script , . setcookie().

RewriteRule

RewriteRule ^ https://website.com%{REQUEST_URI}&www_cookies=%{HTTP_COOKIE} [R=301,L]

cookie $_REQUEST['www_cookies'] , , , parse_str().

+3

$domain setcookie() (. php.net setcookie())

, , , cookie . script . cookie, website.com. www.website.com cookie, .

+2

cookie , , , cookie https://www.website.com, , . .

If you need to delete the cookie from non www something.example.com, but the page is currently running in the main domain, you will not be able to.

To do this, you need to download a page from www.website.com or create a cookie under someone else’s .example.com page so that it can be accessed under any subdomain. OR use this:

Response.Cookies("mycookie").Domain = ".something.com"

... at creation, and before deleting it.

.. untested - should work.

+1

Source: https://habr.com/ru/post/1621055/
