I need to remove a cookie that was previously set for parent domain while browsing host at subdomain of the parent.
我需要删除之前为父域设置的cookie,同时在父域的子域中浏览主机。
I.e., a cookie "xyz" was set for example.com, and I am trying to remove it on subdomain.example.com, using Django backend.
即,为example.com设置了一个cookie“xyz”,我试图使用Django后端在subdomain.example.com上删除它。
The request.COOKIES given to the view does not contain any cookies except those from subdomain.example.com, so I can't write just response.delete_cookie(...) in order to delete it.
给视图的request.COOKIES除了来自subdomain.example.com的cookie之外不包含任何cookie,因此我不能只编写response.delete_cookie(...)来删除它。
It is possible to perform such deletion either in Python or Javascript?
可以在Python或Javascript中执行此类删除吗?
2 个解决方案
#1
1
The cookie was probably set with 'domain' parameter. Set the cookie to be accessible from all the subdomains of the domain the cookie is being set in.
cookie可能设置为'domain'参数。将cookie设置为可以从设置cookie的域的所有子域访问。
I'm not the python guy, but my knowledge of http protocol shows that this might be the problem.
我不是蟒蛇人,但我对http协议的了解表明这可能是问题所在。
#2
0
You can attempt to call delete_cookie even for a cookie you haven't been able to read. Django will output the relevant Set-Cookie headers to delete the cookie regardless. Naturally the domain and path you pass to delete_cookie must match the cookie you intend to delete.
即使您无法阅读的cookie,也可以尝试调用delete_cookie。 Django将输出相关的Set-Cookie标头以删除cookie。当然,您传递给delete_cookie的域和路径必须与您要删除的cookie匹配。
However, if you haven't been able to read the cookie, it is likely there is another problem, which might prevent you deleting it. Are you sure the cookie from the parent domain was set with a domain=parentdomain.tld parameter? If not then it wouldn't be visible or deletable from the subdomain, except in IE due to that browser's bad handling of no-domain-specified cookies.
但是,如果您无法读取cookie,则可能存在其他问题,这可能会阻止您将其删除。您确定来自父域的cookie是使用domain = parentdomain.tld参数设置的吗?如果没有那么它将不会从子域中可见或删除,除非在IE中由于该浏览器对非域指定的cookie的处理不当。
#1
1
The cookie was probably set with 'domain' parameter. Set the cookie to be accessible from all the subdomains of the domain the cookie is being set in.
cookie可能设置为'domain'参数。将cookie设置为可以从设置cookie的域的所有子域访问。
I'm not the python guy, but my knowledge of http protocol shows that this might be the problem.
我不是蟒蛇人,但我对http协议的了解表明这可能是问题所在。
#2
0
You can attempt to call delete_cookie even for a cookie you haven't been able to read. Django will output the relevant Set-Cookie headers to delete the cookie regardless. Naturally the domain and path you pass to delete_cookie must match the cookie you intend to delete.
即使您无法阅读的cookie,也可以尝试调用delete_cookie。 Django将输出相关的Set-Cookie标头以删除cookie。当然,您传递给delete_cookie的域和路径必须与您要删除的cookie匹配。
However, if you haven't been able to read the cookie, it is likely there is another problem, which might prevent you deleting it. Are you sure the cookie from the parent domain was set with a domain=parentdomain.tld parameter? If not then it wouldn't be visible or deletable from the subdomain, except in IE due to that browser's bad handling of no-domain-specified cookies.
但是,如果您无法读取cookie,则可能存在其他问题,这可能会阻止您将其删除。您确定来自父域的cookie是使用domain = parentdomain.tld参数设置的吗?如果没有那么它将不会从子域中可见或删除,除非在IE中由于该浏览器对非域指定的cookie的处理不当。