I want to exit my web application in a browser by clicking the exit button. And I want to implement it only using js code. So there is no exit servlet. This means that I need to delete the sessionid, which is now used and stored in the browser memory, but how can I do the same?
All your session cookies should be httpOnly for security reasons. This ensures that cookies are not available in javascript and will reduce the risk if XSS is attached. It also means that cookies cannot simply be cleared on the client side.
, . , .
. AJAX cookie, , .
cookie javascript, SO question cookie javascript