From 936a11626486e246052a15c53c6141430f49b3d2 Mon Sep 17 00:00:00 2001 From: Quentin Kniep Date: Thu, 3 Dec 2020 18:52:48 +0000 Subject: [PATCH] Fix purge from other paths than root (#129) Co-authored-by: Rob Ede Co-authored-by: Yuki Okushi --- actix-session/CHANGES.md | 1 + actix-session/src/cookie.rs | 1 + 2 files changed, 2 insertions(+) diff --git a/actix-session/CHANGES.md b/actix-session/CHANGES.md index fc94324bd..f02d76ecb 100644 --- a/actix-session/CHANGES.md +++ b/actix-session/CHANGES.md @@ -2,6 +2,7 @@ ## Unreleased - 2020-xx-xx * `Session::set_session` takes a `IntoIterator` instead of `Iterator` +* Fix calls to `session.purge()` from paths other than the one specified in the cookie ## 0.4.0 - 2020-09-11 diff --git a/actix-session/src/cookie.rs b/actix-session/src/cookie.rs index ecef06359..bc2b95ea7 100644 --- a/actix-session/src/cookie.rs +++ b/actix-session/src/cookie.rs @@ -136,6 +136,7 @@ impl CookieSessionInner { /// invalidates session cookie fn remove_cookie(&self, res: &mut ServiceResponse) -> Result<(), Error> { let mut cookie = Cookie::named(self.name.clone()); + cookie.set_path(self.path.clone()); cookie.set_value(""); cookie.set_max_age(Duration::zero()); cookie.set_expires(OffsetDateTime::now_utc() - Duration::days(365));