Oops: this is the correct link: https://regex101.com/r/RZltB6/1by jwal - Nginx Mailing List - English
Hi, Thanks for this; it is pretty close to what I need. I just tried it out in the regex101.com editor and I think there might be a vulnerability: https://regex101.com/delete/ypHV2Yw6o3wHqGDQTHRPZw3r The client could include the same cookie name in twice. This regexp would only strip out one of them. If the client sets a Javascript cookie with the same name as the HttpOnly cookie you are tryby jwal - Nginx Mailing List - English