Delete cookie by name?

Charlie picture Charlie · May 15, 2012 · Viewed 307.6k times · Source

How can I delete a specific cookie with the name roundcube_sessauth?

Shouldn't the following:

function del_cookie(name) {
    document.cookie = 'roundcube_sessauth' + 
    '=; expires=Thu, 01-Jan-70 00:00:01 GMT;';
} 

And then:

<a href="javascript:del_cookie(name);">KILL</a>

Kill the roundcube_sessauth cookie?

Answer

emii picture emii · Jun 2, 2014

You should define the path on which the cookie exists to ensure that you are deleting the correct cookie.

function set_cookie(name, value) {
  document.cookie = name +'='+ value +'; Path=/;';
}
function delete_cookie(name) {
  document.cookie = name +'=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT;';
}

If you don't specify the path, the browser will set a cookie relative to the page you are currently on, so if you delete the cookie while on a different page, the other cookie continues its existence.

Edit based on @Evan Morrison's comment.
Be aware that in some cases to identify the correct cookie, the Domain parameter is required.
Usually it's defined as Domain=.yourdomain.com.
Placing a dot in front of your domain name means that this cookie may exist on any sub-domain (www also counts as sub-domain).

Also, as mentioned in @RobertT's answer, HttpOnly cookies cannot be deleted with JavaScript on the client side.