Flask: How to remove cookies?

后端 未结 3 1682
走了就别回头了
走了就别回头了 2021-01-03 17:43

I set cookies with the code suggested in the docs:

from flask import make_response

@app.route(\'/\')
def index():
    resp = make_response(render_template(.         


        
相关标签:
3条回答
  • 2021-01-03 18:13

    We can make us of delete_cookie() available from flask.Response.

    resp.delete_cookie('username')
    

    This will delete the cookie on response. Here is delete_cookie documentation.

    Also you may want to have add path (default set to '/') and domain (default set to None).

    resp.delete_cookie('username', path='/', domain='yourdomain.com')
    

    Here is the interpreter screenshot which shows delete_cookie object in flask.Response.

    0 讨论(0)
  • 2021-01-03 18:23

    There's no HTTP header for deleting a cookie. Traditionally you just set the cookie to a dummy value with an expiration date in the past, so it immediately expires.

    resp.set_cookie('sessionID', '', expires=0)
    

    This will set the session id cookie to an empty string that expires at unixtime 0, which is almost certainly in the past.

    0 讨论(0)
  • 2021-01-03 18:25

    You need to set the cookie with an expiry that's in the past.

    resp = make_response(render_template(...))
    resp.set_cookie('username', expires=0)
    return resp
    

    By the way, I hope you don't actually expect that username cookie to be safe. Because it's not. The user can put anything he wants in there. The solution is usually to use the Flask session which uses a signed cookie that cannot be modified by the user.

    0 讨论(0)
提交回复
热议问题