14

How to clear the cookies that has been stored through my asp.net mvc(C#) application, when the user closes the browser?

Is there any option to create a cookie such that it expires once the browser closed?

I need to use cookies, because i will store some of the values to be maintained until the browser is closed.

For example, During sign in i may store the userid in cookie, which i can use for my application processes till the bwoser closes.

Session will expire after some particular time, which i need to overcome with using cookies

Daniel A. White
  • 187,200
  • 47
  • 362
  • 445
Prasad
  • 58,881
  • 64
  • 151
  • 199

4 Answers4

27

Sessions are usualy used for this. According to Wikipedia, when no expiration date is set, a cookie is cleared when the user closes the browser.

The cookie setter can specify a deletion date, in which case the cookie will be removed on that date. If the cookie setter does not specify a date, the cookie is removed once the user quits his or her browser.

Ikke
  • 99,403
  • 23
  • 97
  • 120
  • 1
    The session will expire when the user keeps the browser open for long time. Will the cookie with no expiry date lasts until the browser closes? – Prasad Nov 23 '09 at 14:21
  • It really depends on how the browser has implemented it. – Ikke Nov 23 '09 at 14:41
  • 6
    You cannot count on the cookie being deleted when the browser closes. – Chris Hanson Mar 01 '13 at 15:54
  • 11
    To expand on @ChrisHanson 's comment, some browser - e.g. Google Chrome - no longer respect the session cookie 'standard' - i.e. a session cookie is no longer removed when the browser is closed. From what I can tell, a session cookie now lasts indefinitely. – Bobby Jack Sep 08 '13 at 17:09
  • Certainly when there are multiple browser windows, they seem to keep a handle to the session cookie... requiring all browser instances to close before it is removed. Trying to find documentation on this is hard. – felickz Apr 15 '15 at 15:05
  • Depends on setting the cookie get removed see this https://stackoverflow.com/questions/10617954/chrome-doesnt-delete-session-cookies – TIGER Aug 28 '20 at 21:49
  • Since 2012 or earlier, Chrome, Firefox, and possibly other browsers do not actually delete session cookies when closing all windows and/or quitting the browser, so this answer doesn't really work at all in the real world anymore and is now dangerously misleading. – webb Jan 04 '21 at 11:16
0

As mentioned in this SO question:

Response.Cookies("cookie_name").Expires = Session.Timeout;
Community
  • 1
  • 1
Kaleb Brasee
  • 51,193
  • 8
  • 108
  • 113
  • 5
    You actually want to specify no Expires value on the cookie. This will cause the cookie to be removed when the browser session ends (user closes the browser). – Sean Carpenter Nov 23 '09 at 14:15
0

you can use this script and call it in the body tag

<body onunload="dc()">
</body>

<script type="text/javascript">
  function dc(){
    document.cookie = 'access=; expires=Thu, 01 Jan 1970 00:00:01 GMT;';
  }
</script>
ElsaKarami
  • 624
  • 1
  • 4
  • 14
-1

When I set my cookie to expire in the past or did not set it at all, it caused by SSO login to get into an infinite loop with my site. Probably I configured my site wrong to work with the SSO login.

But what worked for me was just adding 2 seconds to the cookie expiration time.

trackCookie.Expires = DateTime.Now.AddSeconds(2);

This gives the cookie the validity on login. And expires it soon after. So on close of the browser, the cookie is deleted.

jaxxbo
  • 7,314
  • 4
  • 35
  • 48