From ec1a86977b1dc5cfc1c24ab1d54205531404087b Mon Sep 17 00:00:00 2001
From: Jo-Philipp Wich <jow@openwrt.org>
Date: Mon, 9 Feb 2015 16:30:11 +0100
Subject: Avoid setting duplicate cookies

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
---
 .../luci-mod-admin-full/luasrc/controller/admin/index.lua  | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

(limited to 'modules/luci-mod-admin-full')

diff --git a/modules/luci-mod-admin-full/luasrc/controller/admin/index.lua b/modules/luci-mod-admin-full/luasrc/controller/admin/index.lua
index 74a3fd9adc..d00d546b64 100644
--- a/modules/luci-mod-admin-full/luasrc/controller/admin/index.lua
+++ b/modules/luci-mod-admin-full/luasrc/controller/admin/index.lua
@@ -28,13 +28,17 @@ end
 function action_logout()
 	local dsp = require "luci.dispatcher"
 	local utl = require "luci.util"
-	if dsp.context.authsession then
-		utl.ubus("session", "destroy", {
-			ubus_rpc_session = dsp.context.authsession
-		})
+	local sid = dsp.context.authsession
+
+	if sid then
+		utl.ubus("session", "destroy", { ubus_rpc_session = sid })
+
 		dsp.context.urltoken.stok = nil
+
+		luci.http.header("Set-Cookie", "sysauth=%s; expires=%s; path=%s/" %{
+			sid, 'Thu, 01 Jan 1970 01:00:00 GMT', dsp.build_url()
+		})
 	end
 
-	luci.http.header("Set-Cookie", "sysauth=; path=" .. dsp.build_url())
 	luci.http.redirect(luci.dispatcher.build_url())
 end
-- 
cgit v1.2.3