How can I delete a specific cookie with the name roundcube_sessauth?
Shouldn't the following:
function del_cookie(name) {
document.cookie = 'roundcube_sessauth' +
'=; expires=Thu, 01-Jan-70 00:00:01 GMT;';
}
And then:
<a href="javascript:del_cookie(name);">KILL</a>
Kill the roundcube_sessauth cookie?
Answer
You should define the path on which the cookie exists to ensure that you are deleting the correct cookie.
function set_cookie(name, value) {
document.cookie = name +'='+ value +'; Path=/;';
}
function delete_cookie(name) {
document.cookie = name +'=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT;';
}
If you don't specify the path, the browser will set a cookie relative to the page you are currently on, so if you delete the cookie while on a different page, the other cookie continues its existence.
Edit based on @Evan Morrison's comment.
Be aware that in some cases to identify the correct cookie, the Domain parameter is required.
Usually it's defined as Domain=.yourdomain.com.
Placing a dot in front of your domain name means that this cookie may exist on any sub-domain (www also counts as sub-domain).
Also, as mentioned in @RobertT's answer, HttpOnly cookies cannot be deleted with JavaScript on the client side.