Deleting cookie in IE6

Dev Shed Forums Sponsor:

April 26th, 2004, 08:09 PM

roypython

Contributing User

Join Date: Feb 2004

Posts: 71

Time spent in forums: 1 h 20 m 49 sec
Reputation Power: 5

Deleting cookie in IE6

Hi.
I need some help here please.
I am building a site that needs authorization.
In order to do that , I am issuing a cookie in the login page,
and on every page, I'm checking if the cookie exists.
The problem begins when the user chooses " log out"
(which supposed to delete the cookie from the user's machine and redirect to the login page).
It works great in Mozilla and in Konqueror, but IE6 refuses to discard the cookie (and therefore allows access to pages (when the user clicks "Back" button or writing the url ) , eventhough the user is 'logged out')

the headers are the following:
# some defines
SESSION_COOKIE_NAME = "CookieName"
COOKIE_EXPIRE = 6000
companyID = 1

To issue the cookie:
print 'Content-Type: text/html'
print 'Set-Cookie:'+SESSION_COOKIE_NAME+'="'+(str)(companyID)+'";Version="1.0";Max-Age="'+(str)(COOKIE_EXPIRE)+'"'
print 'Cache-Control: no-cache=set-cookie'
print 'Cache-Control: max-age="0"'
print "\n\n"

To delete the cookie:
print 'Content-Type: text/html'
print 'Set-Cookie: '+SESSION_COOKIE_NAME+'="'+(str)(companyID)+'";Version="1.0";Max-Age="0"'
print 'Cache-Control: no-cache=set-cookie'
print 'Cache-Control: max-age="0"'
print "\n\n"

In all the pages (besides the login page). there is a check if the cookie exists.
After logout, the check in IE6 shows that the cookie still exists.
I'm assuming that it has to do with caching the cookie on IE6.
I tried using headers that suppose to surpress the caching of the pages as well as surpressing the Set-Cookie header caching.
I used the recommendations written in the RFC2109 but it still doesn't work.
( I can't verify that the cookie exists / not exists in IE6 because I can't find it in the Hard drive)

Thanks for your help
Roy

Last edited by roypython : April 27th, 2004 at 06:41 PM.

April 29th, 2004, 08:50 PM

TheBlackMamba

Registered User

Join Date: Apr 2003

Posts: 25

Time spent in forums: < 1 sec
Reputation Power: 0

I would recommend setting another cookie indicating that the user had logged out.
You could also put a date in the original cookie and have your code not allow the user back until a certain time after that date. good luck

April 30th, 2004, 03:23 AM

netytan

Hello World :)

Join Date: Mar 2003

Location: Hull, UK

Posts: 2,536

Time spent in forums: 1 Week 2 Days 18 h 3 m 4 sec
Reputation Power: 63

In theory (and i've had no problems with this) reseting the cookie with an expired timestamp should remove it. This could have something to do with the way you are type-casting as i've never seen the:

(str)(companyID)

in Python before. In which case you should check this form in IDLE but i dont believe this is what you want... try

str(companyID)

instead. You might also want to look and the Cookies module

Hope this helps,

Mark.

__________________
programming language development: www.netytan.com – Hula

Viewing: Dev Shed Forums > Programming Languages > Python Programming > Deleting cookie in IE6

« Previous Thread | Next Thread »

Thread Tools	Search this Thread
Email this Page	Search this Thread: Advanced Search
Display Modes	Rate This Thread
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode	Rate This Thread:

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts vB code is On Smilies are On [IMG] code is On HTML code is Off

View Your Warnings | New Posts | Latest News | Latest Threads | Shoutbox

Forum Jump