The CGI.pm cookie() method sets a cookie. To delete a cookie here is a quote from the Netscape Cookie Spec:
"If a CGI script wishes to delete a cookie, it can do so by returning a cookie with the same name, and an expires time which is in the past. The path and name must match exactly in order for the expiring cookie to replace the valid cookie. This requirement makes it difficult for anyone but the originator of a cookie to delete a cookie."
To explicitly delete you cookie this should work fine:
my $cookie = $CGI->cookie( -name => 'stflogin', -value => '', -expires => '-1d'); my $other_cookie = $CGI->cookie( -name => 'stfpassword', -value => '', -expires => '-1d'); print $CGI->header(-cookie=>[$cookie,$other_cookie]);
You are not explicitly setting a domain or path so the default should remain the same both setting and deleting. Hope this helps.
It's been bugging me all day so I just want to say that setting cookies on the clients machine called login and password worries me. It is not a very secure thing to do. It might be better to set a client ID cookie and leave passwords and logins where they belong - securely encrypted on the server (outside the doc tree of course :-). If you are planning on denying access by deleting a cookie from the client side I presume you know that cookies are text files that I can view, copy, delete, edit or otherwise munge as I see fit. In other words you have very little control over what happens to them once on a client machine. Anyway I feel better now.
cheers
tachyon
s&&rsenoyhcatreve&&&s&n.+t&"$'$`$\"$\&"&ee&&y&srve&&d&&print
In reply to Re: Weird CGI Cookie Problem
by tachyon
in thread Weird CGI Cookie Problem
by Anonymous Monk
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |