From 29efc37de7208d95304925994d6600f582a956bc Mon Sep 17 00:00:00 2001
From: Viktor Jacynycz
Date: Tue, 14 Feb 2023 10:39:28 +0100
Subject: [PATCH 1/2] Clear extra cookies with same domain as session cookie
---
 .gitignore | 1 +
 CHANGELOG.md | 11 +++++++----
 oauthproxy.go | 14 +-------------
 3 files changed, 9 insertions(+), 17 deletions(-)
diff --git a/.gitignore b/.gitignore
index 7f352b8a4c..57f3044462 100644
--- a/.gitignore
+++ b/.gitignore
@@ -18,6 +18,7 @@ c.out
 _obj
 _test
 .idea/
+.vscode/
 
 # Architecture specific extensions/prefixes
 *.[568vq]
diff --git a/CHANGELOG.md b/CHANGELOG.md
index e88bb51201..d6a8a1c1d9 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,12 +1,15 @@
 # Changelog
 
-## 7.1.2-0.1.0 (upcoming)
+## 7.4.0-0.1.0 (upcoming)
 
-* Use new versioning schema
-* Adapt repo to new CICD
+## 7.1.2-0.1.1 (2023-02-01)
+
+* [EOS-10808] Clear extra cookies with same domain as session cookie
 
-## 7.1.2 (September 10, 2021)
+## 7.1.2-0.1.0 (2022-07-21)
 
+* Use new versioning schema
+* Adapt repo to new CICD
 * Bump alpine version to fix vulnerabilities
 * [EOS-5416] Make sis path configurable
 * [EOS-5112] Clear extra cookies whenever session cookie is removed
diff --git a/oauthproxy.go b/oauthproxy.go
index 23a3e0665b..5c7b92f0e3 100644
--- a/oauthproxy.go
+++ b/oauthproxy.go
@@ -460,18 +460,6 @@ func (p *OAuthProxy) makeCookie(req *http.Request, name string, value string, ex
 }
 }
 
-func (p *OAuthProxy) makeExtraCookie(req *http.Request, name string, value string, expiration time.Duration, now time.Time) *http.Cookie {
- return &http.Cookie{
- Name: name,
- Value: value,
- Path: p.CookiePath,
- HttpOnly: p.CookieHTTPOnly,
- Secure: p.CookieSecure,
- Expires: now.Add(expiration),
- SameSite: cookies.ParseSameSite(p.CookieSameSite),
- }
-}
-
 // ClearCSRFCookie creates a cookie to unset the CSRF cookie stored in the user's
 // session
 func (p *OAuthProxy) ClearCSRFCookie(rw http.ResponseWriter, req *http.Request) {
@@ -503,7 +491,7 @@ func (p *OAuthProxy) ClearExtraCookies(rw http.ResponseWriter, req *http.Request
 continue
 }
 logger.Printf("Extra cookie %s found in request: %#v", name, c)
- http.SetCookie(rw, p.makeExtraCookie(req, c.Name, "", time.Hour*-1, time.Now()))
+ http.SetCookie(rw, p.makeCookie(req, c.Name, "", time.Hour*-1, time.Now()))
 }
 }
 
From 04510aa0f9d6f8eb2d4ce669560f3132469441d7 Mon Sep 17 00:00:00 2001
From: Viktor Jacynycz
Date: Tue, 14 Feb 2023 10:40:54 +0100
Subject: [PATCH 2/2] Update Changelog
---
 CHANGELOG.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index d6a8a1c1d9..d0719ca744 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,6 @@
 # Changelog
 
-## 7.4.0-0.1.0 (upcoming)
+## 7.4.0-0.2.0 (upcoming)
 
 ## 7.1.2-0.1.1 (2023-02-01)
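Review bot: The expiry cookie on the `+` line in the `ClearExtraCookies` hunk of oauthproxy.go now inherits whatever Domain `makeCookie` sets, so an extra cookie that was stored host-only is no longer cleared, because a browser drops a cookie only when name, Domain and Path all match and the request's Cookie header carries neither attribute. `makeCookie`'s body is outside this diff, so its Domain behaviour is inferred from the commit subject; the removed `makeExtraCookie` visibly set no Domain. If both kinds of extra cookie can exist, send both expiries, or record the assumption above the call: `// extra cookies must share the session cookie's Domain and Path, otherwise this expiry is ignored`. Separately, the `logger.Printf` context line formats the cookie with `%#v`, which writes its Value into the log; `logger.Printf("Extra cookie %s found in request", name)` would avoid that. ClearExtraCookies begins above the hunk.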