From a0953554353009685a5a583fa20f4132790f3711 Mon Sep 17 00:00:00 2001 From: Jeff Godin Date: Fri, 12 Oct 2012 10:46:56 -0400 Subject: [PATCH] Fix deletion of shared ses cookie We need to specify the domain properly in order to delete the shared_ses cookie. Do so. TODO: move shared_ses_domain_regex into a single location Signed-off-by: Jeff Godin --- .../src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm | 25 +++++++++++++++++----- 1 file changed, 20 insertions(+), 5 deletions(-) diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm index 7f066d4073..54168eab6a 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm @@ -471,9 +471,7 @@ sub load_logout { # while logged in, go ahead and clear it out. $self->clear_anon_cache; - return $self->generic_redirect( - $redirect_to || $self->ctx->{home_page}, - [ + my $cookies = [ # clear value of and expire all of these login-related cookies $self->cgi->cookie( -name => COOKIE_SES, @@ -481,7 +479,6 @@ sub load_logout { -value => '', -expires => '-1h' ), - # always try to delete this, even though it may not be enabled $self->cgi->cookie( -name => COOKIE_SHARED_SES, -path => '/', @@ -494,7 +491,25 @@ sub load_logout { -value => '', -expires => '-1h' ) - ] + ]; + + if (defined($self->apache->dir_config('OILSWebSharedSesCookieDomain'))) { + my $shared_ses_domain = $self->apache->dir_config('OILSWebSharedSesCookieDomain'); + my $shared_ses_domain_regex = '\.' . $shared_ses_domain . '$'; + + if ($self->apache->hostname =~ /$shared_ses_domain_regex/) { + push @$cookies, + $self->cgi->cookie( + -name => COOKIE_SHARED_SES, + -path => '/', + -value => '', + -expires => '-1h' + ); + } + } + + return $self->generic_redirect( + $redirect_to || $self->ctx->{home_page}, $cookies ); } -- 2.11.0