jwt-auth icon indicating copy to clipboard operation
jwt-auth copied to clipboard

Published 20 hours ago verified publisher icon adam-hanna

Invalidation of cookies does not work

Open nItroFreeZer opened this issue 4 years ago • 1 comments

Hi there

In the NullifyTokens() func you want to delete / invalidate the authCookie and refreshCookie. Unfortunately this does not work if the cookie has no value for the path attribute. The browsers ignores the Set-Cookie headers and the cookies are preserved.

Kind Regards

nItroFreeZer avatar Feb 22 '21 10:02 nItroFreeZer

Sorry, I'm just seeing this, now. Thanks for the report.

adam-hanna avatar May 14 '21 12:05 adam-hanna