fix(sdk wasm): remove cookies at signout by SHAcollision · Pull Request #265 · pubky/pubky-core

SHAcollision · 2025-11-18T08:27:47Z

This PR solves a long standing legacy issue. On browsers (wasm), on signout, the cookies are not cleared.

What changed

Added regression coverage in pubky-sdk/bindings/js/pkg/tests/session.ts for signout now must delete every per-user cookie from the environment. This test fails against the previous build, proving the bug and guarding the fix going forward.
Implemented cookies::clear_session_cookie and called it from Session::signout. The helper compiles only for wasm32 and delegates to a tiny JS shim so both Node (via fetch-cookie's jar) and browsers (document.cookie) clear the exact cookie named after the user's public key. @86667 this might not work correctly jointly with Allow multiple cookies per user #262 right?
Updated the bundling script (scripts/patch.mjs) and npm run build:test so wasm-bindgen's generated snippets/ directory is treated like the rest of the runtime artifacts (copied alongside index.js, rewritten to use ESM imports) and no longer needs to be versioned.
Ignored pkg/snippets/ via .gitignore so newly generated inline helpers do not get committed accidentally.

SHAcollision · 2025-11-18T13:23:17Z

Closing, the fix is not working as intended. Needs more research.

fix(sdk wasm): remove cookies at signout

e4bea44

SHAcollision requested a review from 86667 November 18, 2025 08:27

SHAcollision closed this Nov 18, 2025

SHAcollision deleted the fix/clear-cookies-wasm branch November 18, 2025 13:23