https://github.com/dkarter/cookiekiller
Delete rails session cookie
https://github.com/dkarter/cookiekiller
Last synced: 10 months ago
JSON representation
Delete rails session cookie
- Host: GitHub
- URL: https://github.com/dkarter/cookiekiller
- Owner: dkarter
- Created: 2014-11-26T18:46:30.000Z (over 11 years ago)
- Default Branch: master
- Last Pushed: 2024-01-09T04:13:18.000Z (over 2 years ago)
- Last Synced: 2025-08-28T19:04:50.336Z (10 months ago)
- Language: Ruby
- Size: 26.4 KB
- Stars: 0
- Watchers: 2
- Forks: 0
- Open Issues: 6
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
#Cookie Killer
## A server-side session cookie nuker
This is a small isolated project that allows you to delete the session cookie rails pushes to every page via the HTTP Header Set-Cookie. (cookie is '_yourappname_session' and you normally cannot delete it or change it since it is controlled by the session components)
This cookie is being set as HttpOnly so if you were struggling with deleting it from the client side using javascript that's because your browser doesn't let you delete or set HttpOnly cookies from client side (to prevent XSS attacks).
To test this go to the /killers index controller and check the response http headers. You will see that I am changing the cookie expire attribute to 1 year ago and value to nothing which deletes it from your browser.
Let me know in the issues if you have any questions.
It uses the 'session off' gem.