3 thoughts on “res.clearCookie() doesn’t work

  1. Nevermind, i see that this has been fixed already

    The issue is that the cookie must have the same path as before:
    res.clearCookie(cookie, {path:’/’});
    works fine.

  2. Make sure you are actually sending your credentials to the endpoint.

    // Front End
    let logOut = () => {
    
      fetch('logout', {
        method: 'get',
        credentials: 'include' // <--- YOU NEED THIS LINE
    
      }).then(function(response) {
        if (response.redirected) {
          return window.location.replace(response.url);
        }
    
      }).catch(function(err) {
        console.log(err);
      });
    }
    
    
    // Back End
    app.get('/logout', (req, res) => {
      res.clearCookie('token');
      return res.status(200).redirect('/login');
    });
  3. For anyone else running into this, it’s not just path that has to match. You have to match the domain too.

    res.clearCookie('my_cookie', {domain: COOKIE_DOMAIN, path: COOKIE_PATH});
    

    Pretty obvious why if you look at the source impl for clearCookie:

    res.clearCookie = function clearCookie(name, options) {
      var opts = merge({ expires: new Date(1), path: '/' }, options);
    
      return this.cookie(name, '', opts);
    

Comments are closed.