SSL Labs ScoreSecurityHeaders.io Score

Log in to participate

There is no cost to join RicheyWeb, and membership is a requirement to submit bug reports and participate in the support forums.

× EU e-Privacy Directive needs your help!

A free extension like this survives only by reputation. You can help by submitting a review in the Joomla Extension Directory. Please take the time to make a review by clicking on the link below (opens in a new window)

extensions.joomla.org/write-review/review/add?extension_id=4850

Cannot remove cookies in production site

More
5 months 4 days ago - 5 months 4 days ago #1025 by danielecr
danielecr replied the topic: Cannot remove cookies in production site
Yes you are right, this cookie is set by my website through statcounter.
However after modifying some code of the plugin now it works.

Thanks
Last Edit: 5 months 4 days ago by danielecr.

Please Log in or Create an account to join the conversation.

More
5 months 2 days ago #1069 by michael
michael replied the topic: Cannot remove cookies in production site
I believe I cracked the puzzle - version 3.7.1 resolves an issue when the PHP.ini has session.use_strict_mode is turned on.

Let me know if the new version solves the session cookie issue.

Please Log in or Create an account to join the conversation.

More
5 months 2 days ago - 5 months 2 days ago #1071 by danielecr
danielecr replied the topic: Cannot remove cookies in production site
Hi Michael, I updated to last version this afternoon but the new version doesn't delete my cookies.
Sorry to not have replied in these days I was quite busy.
Take into account I'm not so expert in php, here I'm writing the modifications to the code, which works for me, but it's very specific to my site as you will read.
I modified the 2 files eprivacy.php in the ajax and system plugin folders.
I deleted the _KillCookie and KillCookie functions (if I remember well their names because I already deleted them) and modified the _cleanHeaders function to be:

private function _cleanHeaders() {
header_remove('Set-Cookie');
$app = JFactory::getApplication();
if (isset($_SERVER))
{
setcookie('plg_system_eprivacy', '', time()-1000,'/', 'DOMAIN', 0);
setcookie('sc_is_visitor_unique', '', time()-1000,'/', 'DOMAIN', 0);
setcookie('JOOMLAFRONTENDCOOKIENAME', '', time()-1000,'/', 'DOMAIN', 0);
}
}

the 'DOMAIN' is www.mydomain.com as it is set in joomla global configuration (I'' writing DOMAIN in the code because I have error of too many links when replying to this thread).
The JOOMLAFRONTENDCOOKIENAME is the md5(md5('SecretKeyInConfigurationphp' . 'site')), which is always the same.

Then I modified the _decline function as follows:

private function _decline() {
$app = JFactory::getApplication();
$app->setUserState('plg_system_eprivacy', false);
setcookie('plg_system_eprivacy', '', time()-1000,'/', 'DOMAIN', 0);
setcookie('sc_is_visitor_unique', '', time()-1000,'/', 'DOMAIN', 0);
setcookie('JOOMLAFRONTENDCOOKIENAME', '', time()-1000,'/', 'DOMAIN', 0);
return true;
}

Hope it helps tracking the issue.

Daniele
Last Edit: 5 months 2 days ago by danielecr.

Please Log in or Create an account to join the conversation.

More
5 months 2 days ago - 5 months 2 days ago #1072 by danielecr
danielecr replied the topic: Cannot remove cookies in production site
Sorry Michael, I was referring to v. 3.7.0; v.3.7.1 just popup now, I will install tomorrow afternoon and test.

EDIT: I was curious so i tested it now :) Unfortunately v.3.7.1 doesn't solve my problem.
Last Edit: 5 months 2 days ago by danielecr.

Please Log in or Create an account to join the conversation.

More
5 months 1 day ago #1074 by michael
michael replied the topic: Cannot remove cookies in production site
Another user was willing to set up a testing site on his server that was doing the same thing.

He figured it out while we were testing - his server requires the cookie path and cookie domain to be set in Joomla Global Configuration or it won't delete the cookies!

Please Log in or Create an account to join the conversation.

More
5 months 15 hours ago #1075 by danielecr
danielecr replied the topic: Cannot remove cookies in production site
Hi Michael,
no luck even in setting the cookie domain, which was already set to www.mydomain.com , and the cookie path, set to /
Cookies not deleted with the original extension.
It's very strange, I cannot track the issue, the original code seems to do the same thing as my specific modification.

Please Log in or Create an account to join the conversation.

  • Not Allowed: to create new topic.
  • Not Allowed: to reply.
  • Not Allowed: to add attachements.
  • Not Allowed: to edit your message.
Kunena Forum