无法过期一个 cookie

huangapple go评论91阅读模式
英文:

Could not expire a cookie

问题

我正在使用Go App Engine SDK进行开发,并尝试设置/过期Cookie。

设置Cookie没有问题,但是无法在浏览器中使其过期。

该应用程序基于negroni实例:

func init() {
    app := negroni.New()
    app.UseHandler(Router())
    http.Handle("/", app)
}

路由器是一个mux实例:

func Router() *mux.Router {
    r := mux.NewRouter()
    subRouter := r.PathPrefix(PATH_PREFIX).Subrouter()

    subRouter.HandleFunc("/sign", LoginHandler)
    subRouter.HandleFunc("/userinfo", UserInfo)
    subRouter.HandleFunc("/logout", Logout)

    return r
}

登录处理程序很基本:

func LoginHandler(w http.ResponseWriter, r *http.Request) {
    ctx := appengine.NewContext(r)
    u := user.Current(ctx)

    if u == nil {
        url, err := user.LoginURL(ctx, r.URL.String())
        if err != nil {
            http.Error(w, err.Error(), http.StatusInternalServerError)
            return
        }
        w.Header().Set("Location", url)
        w.WriteHeader(http.StatusFound)
        return
    }

    // COOKIE_ID = "SomeString"
    cookie := &http.Cookie{Name: COOKIE_ID, Value: u.ID, Path: "/", MaxAge: 0}
    http.SetCookie(w, cookie)

    w.Header().Set("Location", "/")
    w.WriteHeader(http.StatusFound)
}

为了使Cookie过期:

func Logout(w http.ResponseWriter, r *http.Request) {
    ctx := appengine.NewContext(r)
    url, err := user.LogoutURL(ctx, "/")

    if err != nil {
        http.Error(w, err.Error(), http.StatusInternalServerError)
        return
    }

    expiredCookie := &http.Cookie{Name: COOKIE_ID, MaxAge: -10, Expires: time.Now()}
    http.SetCookie(w, expiredCookie)

    w.Header().Set("Location", url)
    w.WriteHeader(http.StatusFound)
}

我尝试了所有方法:

  • 获取旧的Cookie,更改MaxAge和Expires
  • 创建一个具有相同名称的新Cookie进行覆盖

完整代码:https://gist.github.com/yageek/78e43c83b56467fc8338

无论如何,Cookie仍然保留在浏览器中。我做错了什么?

英文:

I'm playing with the Go App Engine SDK and I'm trying to set/expires Cookies.

There is no problem by setting a Cookie, but it is impossible to make it expiring in the browser.

The app is a based on a negroni instance:

func init() {

	app := negroni.New()
	app.UseHandler(Router())
	http.Handle("/", app)

}

The router is a mux instance:

func Router() *mux.Router {

	r := mux.NewRouter()
	subRouter := r.PathPrefix(PATH_PREFIX).Subrouter()

	subRouter.HandleFunc("/sign", LoginHandler)
	subRouter.HandleFunc("/userinfo", UserInfo)
	subRouter.HandleFunc("/logout", Logout)

	return r
}

The login handler is basic:

func LoginHandler(w http.ResponseWriter, r *http.Request) {

	ctx := appengine.NewContext(r)

	u := user.Current(ctx)

	if u == nil {

		url, err := user.LoginURL(ctx, r.URL.String())
		if err != nil {
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}
		w.Header().Set("Location", url)
		w.WriteHeader(http.StatusFound)
		return
	}
   
    //COOKIE_ID = "SomeString"
	cookie := &http.Cookie{Name: COOKIE_ID, Value: u.ID, Path: "/", MaxAge: 0}
	http.SetCookie(w, cookie)

	w.Header().Set("Location", "/")
	w.WriteHeader(http.StatusFound)
}

To expires the cookie:

func Logout(w http.ResponseWriter, r *http.Request) {

	ctx := appengine.NewContext(r)
	url, err := user.LogoutURL(ctx, "/")

	if err != nil {
		http.Error(w, err.Error(), http.StatusInternalServerError)
		return
	}

	expiredCookie := &http.Cookie{Name: COOKIE_ID, MaxAge: -10, Expires: time.Now()}
	http.SetCookie(w, expiredCookie)

	w.Header().Set("Location", url)
	w.WriteHeader(http.StatusFound)
}

I tried everything:

  • Getting the old cookie, change MaxAge and Expires
  • Create a new cookie with the same Name to overwrite

Full code: https://gist.github.com/yageek/78e43c83b56467fc8338

In any case, the cookie still remains in the navigator. What do I do wrong ?

答案1

得分: 8

浏览器会为多个路径存储cookie。在cookie头部上设置路径属性,以匹配用于创建cookie的路径属性。

将最大年龄设置为负值以清除cookie。如果最大年龄属性等于零,则不会在头部上设置最大年龄属性。

某些浏览器不理解最大年龄属性。为了使这些浏览器受益,将过期时间设置为过去的时间。

expiredCookie := &http.Cookie{Path: "/", Name: COOKIE_ID, MaxAge: -1, Expires: time.Now().Add(-100 * time.Hour)}

英文:

Browsers store cookies for multiple paths. Set the path attribute on the cookie header to match the path attribute used to create the cookie.

Set maximum age to a negative value to clear the cookie. The maximum age attribute is not set on the header if equal to zero.

Some browsers do not understand the maximum age attribute. Set expiration to a time in the past for the benefit of those browsers.

expiredCookie := &http.Cookie{Path: "/", Name: COOKIE_ID, MaxAge: -1, Expires: time.Now().Add(-100 * time.Hour)}

huangapple
  • 本文由 发表于 2015年12月2日 00:25:27
  • 转载请务必保留本文链接:https://go.coder-hub.com/34025115.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定