Cookies overload creating bad request, impossible to delete with php or js
-
23-07-2021 - |
質問
Website is regularly giving HTTP400 Bad Request errors, it's caused by 2 cookies being too big.
I use livestream.com to play live video (using Flash) and seems like they use Akamai Analytics that is setting 4 cookies with my domain. clientLastHTimes clientLastPTimes AkamaiAnalytics_VisitIsPlaying AkamaiAnalytics_VisitLastCloseTime
The first two are the one posing problems with over 8000 characters on last crash.
So tried php way to delete these cookies doing this
setcookie(
'clientLastPTimes', '', time() - 3600, '/','mydomain.com', false, false
);
or
setcookie('clientLastPTimes', '', 1);
Not working.
Then tried to do the same with Javascript on page load AND unload.
function Delete_Cookie( name, path, domain ) {
document.cookie=name+"="
+ ((path) ? ";path="+path:"")
+ ((domain)?";domain="+domain:"")
+ ";expires=Thu, 01 Jan 1970 00:00:01 GMT";
}
Delete_Cookie('clientLastPTimes', '/', 'mydomain.com')
These damn cookies are still there. Sometimes it created other cookies with the same name. Found that was usually due to path or domain being slightly different. Tried to just edit their content too, without setting a backward date.
So really struggling with this one. If you have any idea how to delete these cookies or do anything else to avoid HTTP400 cookie overload.... I'd be very greatful.
Thanks a lot
John
解決
Try the code below. Also take note of the following: https://stackoverflow.com/a/6319162/881551
<?php
// I am using a larger expiration to account for server timezone differences.
// http://php.net/manual/en/function.setcookie.php#96813
$cookies = array(
'clientLastHTimes',
'clientLastPTimes',
'AkamaiAnalytics_VisitIsPlaying',
'AkamaiAnalytics_VisitLastCloseTime'
);
foreach ($cookies as $cookie) {
if (isset($_COOKIE[$cookie])) {
$_COOKIE[$cookie] = '';
}
setcookie($cookie, "", time() - 90000);
setcookie($cookie, "", time() - 90000, "/", $_SERVER['HTTP_HOST'], 0); // just in case
}
?>
他のヒント
So for anyone who might have similar issues... I found the source of the problem, the cookie deletion does not really work. It is Chrome the problem, all browser kill session cookies when user exists, but not chrome by default. So need to add option in chrome to kill the session for a specific site. Kind of nuts, but it's a choice Google made to restore the browser as it was when it was closed.