17

Suppose I want to delete a cookie (for example, ring's session cookie):

Making a response map like this:

{:cookies {"ring-session" {:value "kill", :max-age 1}}}

seems to work, but it feels a bit hacky.

Is there a clean way to just delete it?

Dave Liepmann
  • 1,555
  • 1
  • 18
  • 22
John Lawrence Aspden
  • 17,124
  • 11
  • 67
  • 110
  • 7
    setting either cookie expiration date to the beginning of the epoch or max age to 0 is a standard way of deleting cookies even in non-ring applications. – soulcheck Jan 10 '13 at 13:31
  • 3
    `(defn expire-cookie [resp name] (assoc-in resp [:cookies name] {:value "" :max-age 0}))` – Alex Taggart Jan 11 '13 at 07:24

4 Answers4

15

That seems like quite a reasonable way of going about it. Many web a applications delete cookies be replacing them with one that is about to expire. The :max-age 1 syntax makes this look much more elegant than it does in, for example, Javascript.

Community
  • 1
  • 1
Arthur Ulfeldt
  • 90,827
  • 27
  • 201
  • 284
2

I was using wrap-session and the other handlers in ring.middleware. Setting the cookie to max age was not working in the response since it was just being overwritten (very frustrating to diagnose!)

This is what I needed to do:

(defn clear-session! [resp]
 (assoc resp :session nil))

source

Setheron
  • 3,520
  • 3
  • 34
  • 52
1

ringseems do not support this, but you can send the user agent a new cookie with an Expires attribute with a value in the past.

more info

Community
  • 1
  • 1
Yang
  • 389
  • 2
  • 15
0

If you are using ring-session, this could be another way to do delete cookie.

(def epoch (ZonedDateTime/ofInstant Instant/EPOCH ZoneOffset/UTC))

(def response {:status 200,
               :body "{\"message\":\"ok\"}",
               :session nil,
               :session-cookie-attrs {:expires epoch}})
ruseel
  • 1,578
  • 2
  • 21
  • 41