javascript - Logging out from an iframe not clearing cookies in Google Chrome
Get the solution ↓↓↓The setup is as follows.
A login form from my site (site A) is embedded as an iframe in another site (site B). When a user logs in, a cookie is set like this:
setcookie("cookieFromSiteA", $r_string, time() + 3600, "/;domain=".$_SERVER["HTTP_HOST"].";SameSite=None; Secure");
where$_SERVER["HTTP_HOST"]
is.siteA.com
, and$rstring
is the cookie's value. Site A's content is always kept within the iframe.
Once the user tries to log out from site A, the cookies are cleared (with jQuery cookie¹), and everything works as expected - in Firefox. Google Chrome keeps the user logged in. Other browsers are of no interest at the moment.
This only happens if site A is embedded as an iframe inside site B. If the user accesses site A directly, and tries logging in and out, everything works fine, regardless of the browser.
I only have control of the code on site A.
¹ I've also tried clearing it with regular methods, such as:
document.cookie = "cookieFromSiteA=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/;domain=.sitea.com;SameSite=None;Secure"
,
or withMax-Age=0
instead ofexpires=...
, and with PHP's
setcookie("cookieFromSiteA",$rstring, -1,"/;domain=".$_SERVER["HTTP_HOST"].";SameSite=None; Secure")
Share solution ↓
Additional Information:
Link To Answer People are also looking for solutions of the problem: to enable extensions, verify that they are enabled in your .ini files
Didn't find the answer?
Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.
Similar questions
Find the answer in similar questions on our website.
Write quick answer
Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.