HTTPS HTTP HTTP GET cookies HTTP replaced headers # Server-side HTTP/1.1 200 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake Set-Cookie: foo=123; path=/; secure; Content-Length: 7 nomnom HTTP/1.1 200 OK Date: Thu, 09 Nov 2010 14:49:00 GMT Server: test-server/fake Set-Cookie: foo=; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/ Content-Length: 7 nomnom # Client-side SSL http https Expire secure cookies over HTTPS -k https://%HOSTIP:%HTTPSPORT/15620001 -H "Host: www.example.com" https://%HOSTIP:%HTTPSPORT/15620002 -b "non-existing" https://%HOSTIP:%HTTPSPORT/15620001 ^User-Agent:.* GET /15620001 HTTP/1.1 Host: www.example.com Accept: */* GET /15620002 HTTP/1.1 Host: www.example.com Accept: */* Cookie: foo=123 GET /15620001 HTTP/1.1 Host: www.example.com Accept: */*