Keep ResponseCookie options on delete. (#905)

jkotalik · jkotalik · commit 8391a3c7f831 · 2017-08-25T16:17:01.000-07:00
diff --git a/src/Microsoft.AspNetCore.Http/Internal/ResponseCookies.cs b/src/Microsoft.AspNetCore.Http/Internal/ResponseCookies.cs
@@ -129,6 +129,9 @@ public void Delete(string key, CookieOptions options)
                 Path = options.Path,
                 Domain = options.Domain,
                 Expires = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc),
+                Secure = options.Secure,
+                HttpOnly = options.HttpOnly,
+                SameSite = options.SameSite
             });
         }
     }
diff --git a/test/Microsoft.AspNetCore.Http.Tests/ResponseCookiesTest.cs b/test/Microsoft.AspNetCore.Http.Tests/ResponseCookiesTest.cs
@@ -1,6 +1,7 @@
 // Copyright (c) .NET Foundation. All rights reserved.
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
+using System;
 using System.Text;
 using Microsoft.AspNetCore.Http.Internal;
 using Microsoft.Extensions.ObjectPool;
@@ -27,6 +28,35 @@ public void DeleteCookieShouldSetDefaultPath()
             Assert.Contains("expires=Thu, 01 Jan 1970 00:00:00 GMT", cookieHeaderValues[0]);
         }
 
+        [Fact]
+        public void DeleteCookieWithCookieOptionsShouldKeepPropertiesOfCookieOptions()
+        {
+            var headers = new HeaderDictionary();
+            var cookies = new ResponseCookies(headers, null);
+            var testcookie = "TestCookie";
+            var time = new DateTimeOffset(2000, 1, 1, 1, 1, 1, 1, TimeSpan.Zero);
+            var options = new CookieOptions
+            {
+                Secure = true,
+                HttpOnly = true,
+                Path = "/",
+                Expires = time,
+                Domain = "example.com",
+                SameSite = SameSiteMode.Lax
+            };
+
+            cookies.Delete(testcookie, options);
+
+            var cookieHeaderValues = headers[HeaderNames.SetCookie];
+            Assert.Equal(1, cookieHeaderValues.Count);
+            Assert.StartsWith(testcookie, cookieHeaderValues[0]);
+            Assert.Contains("path=/", cookieHeaderValues[0]);
+            Assert.Contains("expires=Thu, 01 Jan 1970 00:00:00 GMT", cookieHeaderValues[0]);
+            Assert.Contains("secure", cookieHeaderValues[0]);
+            Assert.Contains("httponly", cookieHeaderValues[0]);
+            Assert.Contains("samesite", cookieHeaderValues[0]);
+        }
+
         [Fact]
         public void NoParamsDeleteRemovesCookieCreatedByAdd()
         {

Original file line number	Diff line number	Diff line change
`@@ -129,6 +129,9 @@ public void Delete(string key, CookieOptions options)`
`129`	`129`	`Path = options.Path,`
`130`	`130`	`Domain = options.Domain,`
`131`	`131`	`Expires = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc),`
	`132`	`+ Secure = options.Secure,`
	`133`	`+ HttpOnly = options.HttpOnly,`
	`134`	`+ SameSite = options.SameSite`
`132`	`135`	`});`
`133`	`136`	`}`
`134`	`137`	`}`