HTTPS
HTTP
HTTP GET
cookies
HTTP replaced headers
# Server-side
HTTP/1.1 200 OK
Date: Thu, 09 Nov 2010 14:49:00 GMT
Server: test-server/fake
Set-Cookie: foo=123; path=/; secure;
Content-Length: 7
nomnom
HTTP/1.1 200 OK
Date: Thu, 09 Nov 2010 14:49:00 GMT
Server: test-server/fake
Set-Cookie: foo=; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/
Content-Length: 7
nomnom
# Client-side
SSL
http
https
Expire secure cookies over HTTPS
-k https://%HOSTIP:%HTTPSPORT/15620001 -H "Host: www.example.com" https://%HOSTIP:%HTTPSPORT/15620002 -b "non-existing" https://%HOSTIP:%HTTPSPORT/15620001
^User-Agent:.*
GET /15620001 HTTP/1.1
Host: www.example.com
Accept: */*
GET /15620002 HTTP/1.1
Host: www.example.com
Accept: */*
Cookie: foo=123
GET /15620001 HTTP/1.1
Host: www.example.com
Accept: */*