Improved clear cookie handling

snappymail/v/0.0.0/app/libraries/RainLoop/Actions/UserAuth.php

@@ -182,18 +182,6 @@ trait UserAuth
 		return $oAccount;
 	}
 
-	private static function SetAccountCookie(string $sName, ?Account $oAccount)
-	{
-		if ($oAccount) {
-			Cookies::set(
-				$sName,
-				\MailSo\Base\Utils::UrlSafeBase64Encode(\SnappyMail\Crypt::EncryptToJSON($oAccount))
-			);
-		} else {
-			Cookies::clear($sName);
-		}
-	}
-
 	public function switchAccount(string $sEmail) : bool
 	{
 		$this->Http()->ServerNoCache();
@@ -337,13 +325,13 @@ trait UserAuth
 	public function SetAuthToken(MainAccount $oAccount): void
 	{
 		$this->SetMainAuthAccount($oAccount);
-		static::SetAccountCookie(self::AUTH_SPEC_TOKEN_KEY, $oAccount);
+		Cookies::setSecure(self::AUTH_SPEC_TOKEN_KEY, $oAccount);
 	}
 
 	public function SetAdditionalAuthToken(?AdditionalAccount $oAccount): void
 	{
 		$this->oAdditionalAuthAccount = $oAccount ?: false;
-		static::SetAccountCookie(self::AUTH_ADDITIONAL_TOKEN_KEY, $oAccount);
+		Cookies::setSecure(self::AUTH_ADDITIONAL_TOKEN_KEY, $oAccount);
 	}
 
 	/**

snappymail/v/0.0.0/app/libraries/snappymail/cookies.php

@@ -47,6 +47,18 @@ class Cookies
 			: null;
 	}
 
+	public static function setSecure(string $sName, $data): void
+	{
+		if (\is_null($data)) {
+			static::clear($sName);
+		} else {
+			static::set(
+				$sName,
+				\MailSo\Base\Utils::UrlSafeBase64Encode(Crypt::EncryptToJSON($data))
+			);
+		}
+	}
+
 	private static function _set(string $sName, string $sValue, int $iExpire, bool $httponly = true) : bool
 	{
 		$sPath = static::$DefaultPath;
@@ -134,5 +146,11 @@ class Cookies
 	{
 		static::init();
 		static::_set($sName, '', 0);
+		// Delete 4K split cookie parts
+		foreach (\array_keys($_COOKIE) as $sCookieName) {
+			if (\strtok($sCookieName, '~') === $sName) {
+				static::_set($sCookieName, '', 0);
+			}
+		}
 	}
 }