Fix deletion of shared ses cookie

We need to specify the domain properly in order to delete the
shared_ses cookie. Do so.

TODO: move shared_ses_domain_regex into a single location

Signed-off-by: Jeff Godin <jgodin@tadl.org>

diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm
index 7f066d4..54168ea 100644 (file)
--- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm
+++ b/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm
@@ -471,9 +471,7 @@ sub load_logout {
     # while logged in, go ahead and clear it out.
     $self->clear_anon_cache;
 
-    return $self->generic_redirect(
-        $redirect_to || $self->ctx->{home_page},
-        [
+    my $cookies = [
             # clear value of and expire all of these login-related cookies
             $self->cgi->cookie(
                 -name => COOKIE_SES,
@@ -481,7 +479,6 @@ sub load_logout {
                 -value => '',
                 -expires => '-1h'
             ),
-            # always try to delete this, even though it may not be enabled
             $self->cgi->cookie(
                 -name => COOKIE_SHARED_SES,
                 -path => '/',
@@ -494,7 +491,25 @@ sub load_logout {
                 -value => '',
                 -expires => '-1h'
             )
-        ]
+    ];
+
+    if (defined($self->apache->dir_config('OILSWebSharedSesCookieDomain'))) {
+        my $shared_ses_domain = $self->apache->dir_config('OILSWebSharedSesCookieDomain');
+        my $shared_ses_domain_regex = '\.' . $shared_ses_domain . '$';
+
+        if ($self->apache->hostname =~ /$shared_ses_domain_regex/) {
+            push @$cookies,
+            $self->cgi->cookie(
+                -name => COOKIE_SHARED_SES,
+                -path => '/',
+                -value => '',
+                -expires => '-1h'
+            );
+        }
+    }
+
+    return $self->generic_redirect(
+        $redirect_to || $self->ctx->{home_page}, $cookies
     );
 }