Possible problem in delete cookies

[Michele]

I'm trying to create a sort of session management but I can't delete cookies... in Utils we have

delete_cookie_header = function(header,key=NULL,value='',expires=NULL,

path=NULL,domain=NULL,secure=FALSE,httpOnly=FALSE){

   if (is.null(header$`Set-Cookie`)) return(invisible()) # this is the problem

   cookies <- strsplit(header$`Set-Cookie`,'\n')[[1L]]

   if (length(cookies) == 0) return(invisible())

   d <- ifelse(is.null(domain),

grepl(paste('^',escape(key),'=',sep=''),cookies,perl=TRUE),

grepl(paste('^',escape(key),'=.*domain=',domain,sep=''),cookies,perl=TRUE)

   )

   header$`Set-Cookie` <- paste(cookies[!d],collapse='\n')

   set_cookie_header(header,key,'',timezero(),path,domain,secure,httpOnly)

}

It seems that the first line prevents the rest of the function to work. Inside my rhtml I have:

  <%

    a<<-res$headers$`Set-Cookie` # to check what is going on

    res$delete_cookie('id', '5') # this cookie was previously set in another page, but NOT deleted cause headers$`Set-Cookie` is NULL

  %>

the Network tab in the dev tool of Chrome confirms that no Set-Cookies is in the header response! The below does work:

  <%

    res$set_cookie('id', '5')

    a<<-res$headers$`Set-Cookie` # Now this is NOT NULL so delete_cookie_header does NOT return invisible()

    res$delete_cookie('id', '5')

  %>

I think delete_cookie_header could be changed in something like:

delete_cookie_header = function(header,key=NULL,path=NULL,domain=NULL,secure=FALSE,httpOnly=FALSE){

   if (!is.null(header$`Set-Cookie`)){

cookies <- strsplit(header$`Set-Cookie`,'\n')[[1L]]

if (length(cookies) == 0) return(invisible())

d <- ifelse(is.null(domain),

grepl(paste('^',escape(key),'=',sep=''),cookies,perl=TRUE),

grepl(paste('^',escape(key),'=.*domain=',domain,sep=''),cookies,perl=TRUE)

)

header$`Set-Cookie` <- paste(cookies[!d],collapse='\n')

}

   set_cookie_header(header,key,'',timezero(),path,domain,secure,httpOnly)

}

    

[Michele]

I found useful the following changes:

1) In Utils.R

delete_cookie_header = function(header,key=NULL,path=NULL,domain=NULL,secure=FALSE,httpOnly=FALSE){

if(!is.null(header$`Set-Cookie`)){

cookies <- strsplit(header$`Set-Cookie`,'\n')[[1L]]

if (!length(cookies) == 0){

d <- ifelse(is.null(domain),

grepl(paste('^',escape(key),'=',sep=''),cookies,perl=TRUE),

grepl(paste('^',escape(key),'=.*domain=',domain,sep=''),cookies,perl=TRUE)

)

header$`Set-Cookie` <- paste(cookies[!d],collapse='\n')

}

}

   set_cookie_header(header,key,'',timezero(),path,domain,secure,httpOnly)

}

2) In Response.R

      set_cookie = function(key,value,expires=NULL){

         Utils$set_cookie_header(headers,key,value,expires)

      },

      delete_cookie = function(key){

         Utils$delete_cookie_header(headers, key)

      }

The first could be re written in a more elegant way but It seems to work for me. I hope removing the value and expires parameter from delete_cookie_header, and value from delete_cookie won't have any side effect.

Cheers.