C#•17mo ago

How to delete a cross-domain cookie

Hey, I'm working on a web app (next.js as a frontend and .net api as backend). I decided to try cross-domain cookies to make authentication more simple. it works, i can log in or register, but when im trying to clear the cookie on logout the problem comes. i tried to do this on a frontend initially, but then i found out that i could only be done on the "main" domain. Logout endpoint returns "Ok" but i still can see a cookie in browser. here's how i set and delete cookies

csharp     
private readonly CookieOptions _cookieOptions = new()
{
    HttpOnly = true,
    Secure = true,
    SameSite = SameSiteMode.None,
    Expires = DateTime.UtcNow.AddDays(1)
};

HttpContext.Response.Cookies.Append("AuthToken", registerUserResult.Value.Token, _cookieOptions);

HttpContext.Response.Cookies.Delete("AuthToken", new CookieOptions
{
    HttpOnly = true,
    Secure = true,
    SameSite = SameSiteMode.None,
    Path = "/",
    Domain = "localhost",
    Expires = DateTime.UtcNow.AddDays(-1)
});

csharp     
private readonly CookieOptions _cookieOptions = new()
{
    HttpOnly = true,
    Secure = true,
    SameSite = SameSiteMode.None,
    Expires = DateTime.UtcNow.AddDays(1)
};

HttpContext.Response.Cookies.Append("AuthToken", registerUserResult.Value.Token, _cookieOptions);

HttpContext.Response.Cookies.Delete("AuthToken", new CookieOptions
{
    HttpOnly = true,
    Secure = true,
    SameSite = SameSiteMode.None,
    Path = "/",
    Domain = "localhost",
    Expires = DateTime.UtcNow.AddDays(-1)
});

how to make it work?

csharp     
private readonly CookieOptions _cookieOptions = new()
{
    HttpOnly = true,
    Secure = true,
    SameSite = SameSiteMode.None,
    Expires = DateTime.UtcNow.AddDays(1)
};

HttpContext.Response.Cookies.Append("AuthToken", registerUserResult.Value.Token, _cookieOptions);

HttpContext.Response.Cookies.Delete("AuthToken", new CookieOptions
{
    HttpOnly = true,
    Secure = true,
    SameSite = SameSiteMode.None,
    Path = "/",
    Domain = "localhost",
    Expires = DateTime.UtcNow.AddDays(-1)
});

csharp     
private readonly CookieOptions _cookieOptions = new()
{
    HttpOnly = true,
    Secure = true,
    SameSite = SameSiteMode.None,
    Expires = DateTime.UtcNow.AddDays(1)
};

HttpContext.Response.Cookies.Append("AuthToken", registerUserResult.Value.Token, _cookieOptions);

HttpContext.Response.Cookies.Delete("AuthToken", new CookieOptions
{
    HttpOnly = true,
    Secure = true,
    SameSite = SameSiteMode.None,
    Path = "/",
    Domain = "localhost",
    Expires = DateTime.UtcNow.AddDays(-1)
});

how to make it work?

How to delete a cross-domain cookie

Similar Threads

How to delete a cross-domain cookie

Similar Threads

Similar Threads

Similar Threads