My goal is to do programmatically logout from controller. I use this nice solution. Everything works fine except that LONGSESS
(renamed REMEMBERME
) cookie not deleted. It deleted but not :)
Logout in controller code:
$response = $this->redirectToRoute('homepage');
$response->headers->clearCookie('LONGSESS');
return $response;
So, call this action.
-
Request headers for this action (as expected):
Cookie SESS=n4jbl1m61l6bceesbeusrbq044; LONGSESS=QXBwQnVuZGxlXEVudGl0eVxVc2VyOmRYTmxja0IxYzJWeUxtTnZiUT09OjE0NDgyMDMyMjQ6ZTFhNzBlNGEyMWM4NGM3N2UzYmI3ZmJiNWIzMGM5MDg2ZDAyOWY1ZGVhMWI4NTYyNGQ0OTJmNjVmNmRjOTY2NQ%3D%3D
-
Response headers to this action (as expected):
Set-Cookie:SESS=ai1gt79r49o184du3tknv7tdf6; path=/; domain=.myhost.local Set-Cookie:LONGSESS=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly Set-Cookie:SESS=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; httponly
-
Redirect headers (as expected):
Location:/app_dev.php/
-
Next request headers to homepage (NOT as expected -
LONGSESS
value is the same as previous request):Cookie:LONGSESS=QXBwQnVuZGxlXEVudGl0eVxVc2VyOmRYTmxja0IxYzJWeUxtTnZiUT09OjE0NDgyMDMyMjQ6ZTFhNzBlNGEyMWM4NGM3N2UzYmI3ZmJiNWIzMGM5MDg2ZDAyOWY1ZGVhMWI4NTYyNGQ0OTJmNjVmNmRjOTY2NQ%3D%3D; SESS=ai1gt79r49o184du3tknv7tdf6
So user is not logged out.
How may it be? LONGSESS
cookie set to deleted
, expired but next request has the same value?