From ae9bad957bb30605abc1b37e6503b0d673039ac4 Mon Sep 17 00:00:00 2001
From: Fabien O'Carroll <fabien@allou.is>
Date: Tue, 20 Jul 2021 10:13:21 +0100
Subject: [PATCH] Fixed _removeSessionCookie method use of `cookies`

refs https://github.com/TryGhost/Team/issues/908

The `cookies` module will unset a cookie if `null` or `undefined` is
passed as the value, or if the value is not passed. The previous call
was passing the options, which were being read as the value, and
resulting in `'[Object object]'` being stored as a cookie.

Explicitly passing `null` as the value makes this code correct and
easier to maintain.
---
 ghost/members-ssr/lib/MembersSSR.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ghost/members-ssr/lib/MembersSSR.js b/ghost/members-ssr/lib/MembersSSR.js
index d805c2130a..0ecddd89ca 100644
--- a/ghost/members-ssr/lib/MembersSSR.js
+++ b/ghost/members-ssr/lib/MembersSSR.js
@@ -108,7 +108,7 @@ class MembersSSR {
      */
     _removeSessionCookie(req, res) {
         const cookies = this._getCookies(req, res);
-        cookies.set(this.sessionCookieName, this.sessionCookieOptions);
+        cookies.set(this.sessionCookieName, null, this.sessionCookieOptions);
     }
 
     /**