Finding the source of a HTTP_COOKIE in a response payload?
Question
The following code correctly identifies a properly formed payload and sends a 200 response.
if($signature == $authKey)
{
if (isset($_SERVER['HTTP_COOKIE'])) {
$cookies = explode(';', $_SERVER['HTTP_COOKIE']);
foreach($cookies as $cookie) {
$parts = explode('=', $cookie);
$name = trim($parts[0]);
setcookie($name, '', time()-1000);
setcookie($name, '', time()-1000, '/');
}
}
http_response_code(200);
XeroWebHookHandler::handlePayload($rawPayload);
}
The endpoint however, won't accept a HTTP response containing a cookie.
The above code is giving me the following response Response contained a cookie .
My service is hosted on an AWS EC2 instance running a standard Ubuntu server hosting apache.
What methods can I use to correctly identify what might be setting a HTTP_COOKIE variable. Alternatively, am I clearing it correctly?
1 answers
solution1
0 ACCPTED 2018-04-06 05:50:35
I found it. The answer helped in my specific case, but I will share it in case anyone else has the same issue.
Session cookies are the issue.
session_destroy();
setcookie("PHPSESSID", "", time()-3600, "/");
I found that session_destroy() alone left some crumbs.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.