proposal: net/http/cookiejar: add Jar.Clear

[AidanWelch]

Proposal Details

Currently, since a jar's entries are not exposed to clear all cookies in a client's Jar in a thread-safe manner would require(from my understanding):

• Wrapping all calls to the client in a read lock, then write locking as the client's Jar is replaced with a new empty jar.
• Keeping track of all URLs accessed in a thread-safe manner, getting the cookies for each of them, and overwriting each of those cookies with expired ones,
• Creating a Jar wrapping type storing a pointer to the jar that has an additional lock on each of the interface functions, and also a third Clear function that sets the pointer to the new jar. This is probably the most reasonable option.

Neither of those options are especially convenient, so I propose cookiejar adds a Clear() method that I will open a PR for. I am not proposing this is added to net/http's CookieJar as that would be a breaking change.

[gopherbot]

Change https://go.dev/cl/625898 mentions this issue: net/http/cookiejar: implement concurrent-safe Clear method

[seankhliao]

What's the use case of clearing everything? and is this the appropriate thing to do if you have in flight requests?
Shouldn't clearing only be done when you know requests are all done, at which point you can just set Client.Jar to a new cookie jar?

[AidanWelch]

My use case for it is making concurrent requests with an authenticated client until X time, at which point refreshing the auth cookies/tracking for the client. (And in this case inflight requests largely wouldn't matter, the cookies were either sent or weren't)

[seankhliao]

that seems quite niche, and easily solvable by wrapping the stdlib implementation

[AidanWelch]

That's fair, my reason for proposal was just how trivial it is to implement within the cookie jar, while requiring additional mutexes and state tracking outside it.