How to remove a cookie

java jquery servlets cookies logout

16,750

Solution 1

Cookies are tied to a specific path. You need to make sure that you set the same path during cookie's removal as it was as during cookie's creation. It defaults to the currently requested folder in the URL (and would thus only be available in the same folder or all its subfolders). You'd better explicitly specify the path, otherwise it would be dependent on the currently requested folder in the URL. The cookie path information is like the maxage namely not available in the request cookie header.

Assuming that you created the cookie as follows,

Cookie cookie = new Cookie("CookieForLogin", cookieForLogin);
cookie.setPath("/somePath");
cookie.setMaxAge(maxAgeInSeconds);
// ...
response.addCookie(cookie);

it needs to be removed as follows:

Cookie cookie = new Cookie("CookieForLogin", null);
cookie.setPath("/somePath");
cookie.setMaxAge(0);
// ...
response.addCookie(cookie);

The /somePath is just exemplary. You can also just use /, as long as it's the same in both cases.

Note, the same applies to the Secure and HTTP-only flags of the cookie. If you have initially set it to true during cookie's creation, then you should also set it to true during cookie's removal, they namely defaults to false.

That said, I'm not sure how it's useful to store the logged-in user as a cookie. You're basically also allowing the enduser to manipulate its value. Rather just store the logged-in user as a session attribute instead and call session.invalidate() on logout.

Solution 2

void setMaxAge(int expiry)

we can remove cookie using method, known as setMaxAge()

Cookie c = new Coookie("x", "10");

if you set maxage as 0

c.setMaxAge(0); //it causes the cookie to be deleted.

if you set maxage as negative value

c.setMaxAge(-1);
// cookie is not stored persistently and will be deleted end of the browsing session.

16,750

Author by

Mitaksh Gupta

Updated on June 04, 2022

Comments

Mitaksh Gupta almost 2 years
I am trying to implement the logout functionality for my iPhone app, which uses jQuery mobile, JS at the client side and java at the server side. Currently what I have to do is to clear cookie and redirect to #loginpage tag in my index.html (I have only 1 HTML file in which there are multiple tags for the different pages). What I am doing as of now for the clearCookie is:
```
Cookie readCookie = null;
for (Cookie cookie : httpRequest.getCookies()) {
    if (cookie.getName().equals("CookieForLogin")) {
        readCookie = cookie;
        break;
    }
}

readCookie.setMaxAge(0);
httpResponse.addCookie(readCookie);
```
But this code is not clearing the cookie. I have tried the JS ways, i.e. to set the expiration date to some previous date, given on net but they didn't work too. Also I don't have a response method for HttpServletResponse. How do I clear the cookie that is set at the client side & also how to redirect to a particular tag?