From: Paul Hänsch Date: Wed, 29 Sep 2021 10:34:51 +0000 (+0200) Subject: unambiguous cookie path when destroying user session X-Git-Url: https://git.plutz.net/?a=commitdiff_plain;h=84a16dd6c14e0a8f64b94dfd86e58746661f2ab6;p=cgilite unambiguous cookie path when destroying user session --- diff --git a/users.sh b/users.sh index 1959e9d..b784ec7 100755 --- a/users.sh +++ b/users.sh @@ -226,8 +226,8 @@ user_logout(){ # destroy cookie, destroy session # keep device cookie new_session - SET_COOKIE 0 session="" - SET_COOKIE 0 user_id="" + SESSION_COOKIE new + SET_COOKIE 0 user_id="" Path="/${_BASE#/}" SameSite=Strict HttpOnly REDIRECT "${_BASE}${PATH_INFO}#USER_LOGGED_OUT" }