Cookies And AJAX

P

pbd22

Hi.

I am having a hard time figuring this one out...

I have a sign in page. in my sign in logic, the successful
login uses forms authentication and assigns an HttpCookie
for the site-wide "user id" (ie. "Welcome BillG ! ").

when the user clicks on "signout" from any given page,
an XMLHttp call queries a server script (VB.NET) which
1) signs out the user if he is authenticated and
2) expires the cookie (DateTime.Now.AddYears(-1) ) for "user id".

my problem is that when the request is returned to the
client, it seems to have no effect on the status of the cookie. It
still reads "user id = BillG" when i do javascript:document.cookie.

Is it possible that my server code:

Response.Cookies.Add(cookie)

got complicated with the AJAX call? How do I "immediately" destroy the
cookie so the user is both unauthenticated AND his
user id is removed.

I hope I have explained myself clearly. Thanks for your replies.

Peter
 
S

scripts.contact

pbd22 said:
when the user clicks on "signout" from any given page,
an XMLHttp call queries a server script (VB.NET) which
1) signs out the user if he is authenticated and
2) expires the cookie (DateTime.Now.AddYears(-1) ) for "user id".

How do I "immediately" destroy the
cookie so the user is both unauthenticated AND his
user id is removed.

Use javascript to delete cookie immediately:
document.cookie="NAME=;expires="+(new Date(99999).toGMTString())
 
D

Darko

Use javascript to delete cookie immediately:
document.cookie="NAME=;expires="+(new Date(99999).toGMTString())

You need to understand what "cookie" is to resolve this. A cookie is
simply a line of text in the http-response. If you get that text in an
ajax response (a response to the ajax request) than that won't affect
the cookies on the client's system. To my knowledge, only if you
navigate to a page that contains cookie definitions will affect the
client's cookies, not the ones sent in the ajax response. So, the
trouble is you would either need to parse the ajax response, or think
of something else. Like scripts.contact said, the easiest way to do
this is to ignore the response from the server in that case, and set
the cookie manually in the same javascript chunk of code.
 
P

pbd22

You need to understand what "cookie" is to resolve this. A cookie is
simply a line of text in the http-response. If you get that text in an
ajax response (a response to the ajax request) than that won't affect
the cookies on the client's system. To my knowledge, only if you
navigate to a page that contains cookie definitions will affect the
client's cookies, not the ones sent in the ajax response. So, the
trouble is you would either need to parse the ajax response, or think
of something else. Like scripts.contact said, the easiest way to do
this is to ignore the response from the server in that case, and set
the cookie manually in the same javascript chunk of code.


Hi.

Thanks for your replies.
Client Side Cookies seem to be the answer but I can't seem to
get rid of the "loged-in" cookie. The current result is two
cookies with the same key: user id = BillG and user id = guest

I am using the below functions on sign-out:

function del_cookie(name) {
document.cookie = name +'=; expires=Thu, 01-Jan-70 00:00:01
GMT;';
}

function write_cookie (name, value, path)
{
// Build the expiration date string:
var expiration_date = new Date ();
expiration_date.setYear (expiration_date.getYear () + 1);
expiration_date = expiration_date.toGMTString ();

// Build the set-cookie string:
var cookie_string = escape (name) + "=" + escape (value) + ";
expires=" + expiration_date;
if (path != null)
cookie_string += "; path=" + path;

// Create/update the cookie:
document.cookie = cookie_string;
}

called as such:

del_cookie("user id");
write_cookie("user id", "guest", "/");

THIS DOESNT WORK :(
 
P

pbd22

Hi.

Thanks for your replies.
Client Side Cookies seem to be the answer but I can't seem to
get rid of the "loged-in" cookie. The current result is two
cookies with the same key: user id = BillG and user id = guest

I am using the below functions on sign-out:

function del_cookie(name) {
document.cookie = name +'=; expires=Thu, 01-Jan-70 00:00:01
GMT;';
}

function write_cookie (name, value, path)
{
// Build the expiration date string:
var expiration_date = new Date ();
expiration_date.setYear (expiration_date.getYear () + 1);
expiration_date = expiration_date.toGMTString ();

// Build the set-cookie string:
var cookie_string = escape (name) + "=" + escape (value) + ";
expires=" + expiration_date;
if (path != null)
cookie_string += "; path=" + path;

// Create/update the cookie:
document.cookie = cookie_string;
}

called as such:

del_cookie("user id");
write_cookie("user id", "guest", "/");

THIS DOESNT WORK :(

Hi. I found the Answer. It is cut and paste below:


FIXED!

It seems that the cookie string used in JavaScript to delete it must
match
EXACTLY the cookie string sent by ASP.NET to save it:

as ASP.NET sends:
login=myloginvalue; expires=gmtdate; path=/

You have to write the following JavaScript to delete the cookie:

var expires = new Date();
expires.setUTCFullYear(expires.getUTCFullYear() - 1);
document.cookie = 'login=; expires=' + expires.toUTCString() + ';
path=/';

It works both on IE and Mozilla!

Henri
 
D

Dr J R Stockton

In comp.lang.javascript message <[email protected]
legroups.com>, Wed, 20 Jun 2007 09:12:18, scripts.contact
Use javascript to delete cookie immediately:
document.cookie="NAME=;expires="+(new Date(99999).toGMTString())

Why 99999 rather than 0 ? But
document.cookie="NAME=;expires=Thu, 1 Jan 1970 00:01:39 UTC"

is shorter.

Probably, one does not need the "Thu, ", the " UTC", and maybe not even
the " hh:mm:ss".
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,483
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top