Hello, I’m using caddyfile and caddy security as well. In my code I have one cookie with Secure and HTTPOnly enabled and I’d like to expire it. But when I used the command:
+Set-Cookie "MY_COOKIE=null; Expires=Mon, 01 Jan 1900 07:00:00 GMT;"
The cookie has not expired and continues with the same previous values.
2. Error messages and/or full log output:
I haven’t error, but the cookie has not expired.
3. Caddy version:
I’m using Caddyfile
4. How I installed and ran Caddy:
Docker image
a. System environment:
Docker
b. Command:
docker run --rm -p PORT -v $(PWD)/Caddyfile:/srv/Caddyfile
That’s not what I asked. Make a request with curl -v and see what the response headers look like.
Either way, this doesn’t seem like a problem with Caddy, but rather with HTTP headers and cookies. That’s not a webserver concern, it’s a concern of the application layer.
Okay I get your point. But if I’d like expire a cookie with Secure and HTTPOnly enabled. What is the command to do that? This command +Set-Cookie "MY_COOKIE=null; Expires=Mon, 01 Jan 1900 07:00:00 GMT;" is enough, right?