update the vendor json library which is used when 'WithOptimizations' passed on 'app.Run' and resolve https://github.com/kataras/iris/pull/839#issuecomment-351374343

Former-commit-id: ad3354717d593393a3f3aec863ec92f1f7e1c829

sessions/config.go

@@ -56,6 +56,13 @@ type (
 		// Defaults to false.
 		CookieSecureTLS bool
 
+		// AllowReclaim will allow to
+		// Destroy and Start a session in the same request handler.
+		// All it does is that it removes the cookie for both `Request` and `ResponseWriter`.
+		//
+		// Defaults to false.
+		AllowReclaim bool
+
 		// Encode the cookie value if not nil.
 		// Should accept as first argument the cookie name (config.Cookie)
 		//         as second argument the server's generated session id.

sessions/cookie.go

@@ -38,7 +38,8 @@ func AddCookie(ctx context.Context, cookie *http.Cookie) {
 }
 
 // RemoveCookie deletes a cookie by it's name/key
-func RemoveCookie(ctx context.Context, name string) {
+// If "purge" is true then it removes the, temp, cookie from the request as well.
+func RemoveCookie(ctx context.Context, name string, purge bool) {
 	c, err := ctx.Request().Cookie(name)
 	if err != nil {
 		return
@@ -50,6 +51,11 @@ func RemoveCookie(ctx context.Context, name string) {
 	c.Value = ""
 	c.Path = "/"
 	AddCookie(ctx, c)
+
+	if purge {
+		// delete request's cookie also, which is temporary available.
+		ctx.Request().Header.Set("Cookie", "")
+	}
 }
 
 // IsValidCookieDomain returns true if the receiver is a valid domain to set

sessions/sessions.go

@@ -146,7 +146,7 @@ func (s *Sessions) Destroy(ctx context.Context) {
 	if cookieValue == "" { // nothing to destroy
 		return
 	}
-	RemoveCookie(ctx, s.config.Cookie)
+	RemoveCookie(ctx, s.config.Cookie, s.config.AllowReclaim)
 
 	s.provider.Destroy(cookieValue)
 }