I'm trying to share a cookie between www.example.com and admin.other.example.com
I've being able to make it work with other.example.com, but there's no way to access the sub-sub-domain
Edit: I handle subdomains by defining the cookie domain as .example.com (note the first dot)
You can only share cookies between a domain and its own subdomains.
For example:
a cookie defined for the domain example.com can be accessed by www.example.com and foo.bar.example.com
a cookie defined for the domain www.example.com can be accessed by foo.www.example.com but not by bar.example.com
Related
I can't find any good source that exlains what valid values for the domain attribute of a cookie are when it gets set. They all just explain where cookies set for domain x are sent to. But I want to know
is www.example.com allowed to set a cookie with Domain example.com?
is example.com allowed to set a cookie with Domain www.example.com?
is www.example.com allowed to set a cookie with Domain www2.example.com?
is example.com allowed to set a cookie with Domain example.org?
is example.com allowed to set a cookie with Domain com?
Is https://publicsuffix.org/ relevant here for the site context?
Thx
We have cookies added by the current website say www.example.com. Cookie domain of those cookies is one of the following when viewed in browser,
www.example.com (are also marked as HostOnly)
.example.com
.www.example.com
Now, we are creating a sub-domain say test.example.com and we need that sub-domain to have access to all the cookies added by www.example.com.
Please help in understanding which of the cookies will NOT be shared and why.
Also, another query regarding cookies is - HttpOnly. Will cookies marked as HttpOnly be not available across sub-domains?
I have a domain www.example.com with two sub domains
foo.example.com
bar.example.com
I want to set a cookie for all subdomains except foo.example.com , Any help is greatly appreciated!!
Currently I have tried,
<cfcookie name="cookieName" value="cookieValue" expires="never" domain=".example.com" path="/">
But it sets this cookie on all sub-domains.
If I understand your question correctly, you wish for a cookie set on foo.example.com to be read by both foo.example.com and example.com but not by bar.example.com. I don't think you can do this - at least not using the native application of domain cookies. The domain cookies allow a cookie set in a parent to be read by subsequent children. Since foo and bar are both children of example.com in the heirarchy, they would be able to read a domain wide cookie.
I was able to stay logged in on multiple subdomains I created for example.com, such as I stayed logged in at a.example.com and b.example.com. But when I try aliasing (CNAME) to example.com of a.example.com, I lose what my current session was.
SESSION_COOKIE_DOMAIN is 'example.com' which probably explains why the current session was not held.
Is there anyway I can alias while holding what my sessions were from example.com since it is suppose to point to example.com in the first place?
I know meetup.com does something like this.
Try placing a "." in front of your domain
SESSION_COOKIE_DOMAIN = '.example.com'
This will assign your session domain to example.com and will persist for all subdomains.
I'm currently doing development on a site for a client. This site will be hosted on a subdomain of the client's main site. The client's main site is
www.xyz.com
and the site I'm working on will be hosted at
funds.xyz.com
Anyone who visits www.xyz.com will have a cookie written to their machine which contains data specifying the user's region. I need that data on my site. Is it possible for me to get access to this cookie?
Yes, so long as the cookie is set for domain ".xyz.com" (note the leading "."). This makes the cookie available to all subdomains of xyz.com
On the other hand, if the domain is "www.xyz.com", the cookie is only visible to the www subdomain.
I believe if you create a cookie with domain name: .xyz.com it will be accessible across all sub domains.