Logging out of Xenforo from different site with same domain

hoks

Member
I have xenforo hosted on forums.xxxxxxxx.xxx
And a regular site on www.xxxxxxxx.xxx

The cookie domain is xxxxxxxx.xxx, so that both sites share some cookies.
I am using the XF2 API to synchronize the session on forums and www via the xf_session cookie.

I want to add a "log out" link on the www site. But I will get a CSRF error because the www site does not have the CSRF token.

Is it enough for me to just delete the xf_session cookie, to log the user out of both forums and www?
 
Back
Top Bottom