Expired Cookie Returned in document.cookie

Safari & Web General
abadore OP
Created Mar ’22
Replies 2
Boosts 0
Views 890
Participants 4

Seeing an issue where document.cookie is returning an expired cookie. This cookie is correctly not sent in requests and is not displayed in the web inspector (Storage -> Cookies). Problem persists until safari is restarted.

Affects the following user agents...

  • Mozilla/5.0 (iPhone; CPU iPhone OS 15_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.3 Mobile/15E148 Safari/604.1
  • Mozilla/5.0 (iPhone; CPU iPhone OS 15_4 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.4 Mobile/15E148 Safari/604.1
  • Mozilla/5.0 (iPhone; CPU iPhone OS 15_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148 Flipboard/4.2.140
  • Mozilla/5.0 (iPad; CPU OS 15_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/99.0.4844.59 Mobile/15E148 Safari/604.1
  • Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.3 Safari/605.1.15
  • Mozilla/5.0 (iPhone; CPU iPhone OS 15_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/99.0.4844.59 Mobile/15E148 Safari/604.1
  • Mozilla/5.0 (iPhone; CPU iPhone OS 14_8_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
  • Mozilla/5.0 (iPhone; CPU iPhone OS 15_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148 Safari/604.1 [Pinterest/iOS]
  • Mozilla/5.0 (iPhone; CPU iPhone OS 14_8 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
  • Mozilla/5.0 (iPhone; CPU iPhone OS 15_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/19D52 [FBAN/FBIOS;FBDV/iPhone11,8;FBMD/iPhone;FBSN/iOS;FBSV/15.3.1;FBSS/2;FBID/phone;FBLC/en_US;FBOP/5]

Was not able to reproduce on Safari 15.0 on OSX 10.15.7. Does not occur in desktop chrome or firefox. Seems OSX and IOS specific.

Edit: the more I look at this it appears to be a webkit bug.

Replies  2
Boosts  0
Views  890
Participants  4
boubou158 OP
Mar ’23

Hi,

Facing the same here. It is a big problem for any applications with SSO relying on cookies. Did you find a solution? document.cookie still returns old deleted cookies leading to many unexpected behavior. Chrome and firefox works perfectly fine.

Thank you

0
devmanager OP
Jul ’23

Even If you are API call is clearing cookies (Set-cookie), Still you need clear cookies manually as well in your browser for Safari.

Either you can use the following code

document.cookie = "YOUR_COOKIE_NAME=;expires=Thu, 01-Jan-1970 00:00:01 GMT;domain="+document.location.host

or

you can use js-cookie to manage cookies by adding the below function

export function removeFromCookies(keys = []) {
  keys.forEach(key =>
    // For Safari we need to pass the  domain name to remove the cookie
    Cookies.remove(key, {
      domain: window.location.host,
      expires: 'Thu, 01-Jan-1970 00:00:01 GMT',
    }),
  );
}

Thank you

0
Expired Cookie Returned in document.cookie
First post date Last post date
 
 
Q