How do I delete all Cookies from a page with JavaScript?

3

Is there a way to exclude all (already existing) cookies related to a page using just JavaScript?

    
asked by anonymous 17.10.2014 / 04:28

2 answers

5

Here are two answers taken from SOzão .

This:

function deleteAllCookies() {
    var cookies = document.cookie.split(";");

    for (var i = 0; i < cookies.length; i++) {
        var cookie = cookies[i];
        var eqPos = cookie.indexOf("=");
        var name = eqPos > -1 ? cookie.substr(0, eqPos) : cookie;
        document.cookie = name + "=;expires=Thu, 01 Jan 1970 00:00:00 GMT";
    }
}


And this:

function deleteAllCookies() {
 var c = document.cookie.split("; ");
 for (i in c) 
  document.cookie =/^[^=]+/.exec(c[i])[0]+"=;expires=Thu, 01 Jan 1970 00:00:00 GMT";    
}


Both have a similar limitation: they do not delete cookies without the "=", meaning cookies that have a name but do not have a value. As this is a rare case, both will work well in almost any normal situation.


For cases where paths are varied, have this other response, more "aggressive", but which should be used in conjunction with a loop like the above answers to get the name of each cookie:

function eraseCookieFromAllPaths(name) {
    // This function will attempt to remove a cookie from all paths.
    var pathBits = location.pathname.split('/');
    var pathCurrent = ' path=';

    // do a simple pathless delete first.
    document.cookie = name + '=; expires=Thu, 01-Jan-1970 00:00:01 GMT;';

    for (var i = 0; i < pathBits.length; i++) {
        pathCurrent += ((pathCurrent.substr(-1) != '/') ? '/' : '') + pathBits[i];
        document.cookie = name + '=; expires=Thu, 01-Jan-1970 00:00:01 GMT;' + pathCurrent + ';';
    }
}


Note: As well remembered by @PapaCharlie, the browser does not tell JS the cookie path, and the routine above to compensate for this limitation does a "brute force" in the possible paths for cookies to try to erase them whatever depth they are. This will only work if JS is called a sub-level equal to or greater than set in cookie . One possible expansion of the idea would be to also test the domain with and without the www prefix.

    
17.10.2014 / 05:07
3

I think the code below will work out.

var cookies = document.cookie.split(";");
var expire = new Date();
for (var i = 0; i < cookies.length; i++)
{
    cookie = cookies[i].split("=")[0];
    expire.setDate(expire.getDate()-1);
    document.cookie = "asd=; expires=" + expire;
}

But there are some considerations about domain, path e httponly .

  • If the cookie is set to httponly = true , you can not remove it via javascript. The link parameter is just to prevent cookie manipulation by JS, adding security.

  • If you created a cookie with the domain e path parameters, you will have to use them for removal using the line below substituting in the above code.

  • document.cookie = name + "=; expires=" + expire + "; domain=" + domain + "; path=" + path;

        
    17.10.2014 / 05:09