Shutdown Helper error prone, causes privacy issue on static home pages and intermittent connections #291

Open
eliotsykes opened this issue Jun 27, 2018 · 0 comments

eliotsykes commented Jun 27, 2018

Version info

  • intercom-rails version: all at time of writing

Expected behavior

  1. User logs out
  2. Logged out user is redirected to / served from public/index.html
  3. Previous intercom conversations are no longer visible

Actual behavior

  1. User logs out
  2. Logged out user is redirected to / served from public/index.html
  3. Previous intercom conversations are visible

Cause

The shutdown callback is never called for the static home page.

This exposes the logged out user's conversations to another user who shares their device and browser.

This issue is partly due to the 2-request approach used by ShutdownHelper. The advice on not clearing cookies added in #174 on redirects appears outdated or incorrect - see #249. There is evidence that the cookies could be successfully cleared on redirect when SessionsController#destroy is called on logout, contrary to the README advice. Clearing the cookies in SessionsController#destroy instead of using the 2-request approach would solve this issue.

(Note, the above issue could also happen with a dynamic home page if the user loses connectivity after logout but before the redirected response completes.)
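
The two logout flows compared in this issue, as an added toy model in Ruby. It is not part of the original report and not intercom-rails code. The `App` and `Browser` classes, the cookie name and the `:pending_shutdown` session flag are hypothetical stand-ins for a Rails app, a user's browser and the Intercom session cookie.

```ruby
# Toy model of the logout flow (added illustration, not intercom-rails code).
# COOKIE and :pending_shutdown are hypothetical placeholder names.
COOKIE = "intercom-session-EXAMPLE_APP_ID"

class App
  def initialize(strategy:, static_home:)
    @strategy = strategy
    @static_home = static_home
  end

  # Returns [status, headers]; headers may carry :location and :delete_cookies.
  def call(path, session)
    # A static public/index.html is answered without running any app callback.
    return [200, {}] if path == "/" && @static_home

    if path == "/logout"
      # One-request: the 302 response itself expires the cookie.
      return [302, { location: "/", delete_cookies: [COOKIE] }] if @strategy == :one_request
      # Two-request: only flag the session; a later dynamic request must clean up.
      session[:pending_shutdown] = true
      return [302, { location: "/" }]
    end

    # Dynamic page: the deferred shutdown runs here if it was flagged.
    session.delete(:pending_shutdown) ? [200, { delete_cookies: [COOKIE] }] : [200, {}]
  end
end

class Browser
  attr_reader :cookies

  def initialize
    @cookies = { COOKIE => "constructed-conversation-token" }
    @session = {}
  end

  # follow: false models losing connectivity before the redirected response completes.
  def visit(app, path, follow: true)
    status, headers = app.call(path, @session)
    Array(headers[:delete_cookies]).each { |name| @cookies.delete(name) }
    visit(app, headers[:location], follow: follow) if status == 302 && follow
  end
end

def cookie_survives_logout?(strategy:, static_home:, follow: true)
  browser = Browser.new
  browser.visit(App.new(strategy: strategy, static_home: static_home), "/logout", follow: follow)
  browser.cookies.key?(COOKIE)
end
```

In this model the cookie outlives logout only in the two-request flow, either when `/` is static or when the redirect is never followed.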

keloe added invalid and removed invalid labels Jul 5, 2018