Cookies and multiple domains

Say www.mysite.com just points to www.mysite.net. Then I have <cfcookie name="var1" value="value1" domain=".mysite.com">.
Obviously if someone visit www.mysite.net, the cookie is not set. Now, if someone had visited www.mysite.com and had the cookie set, what happens the next time they visit www.mysite.net?
I tried using <cfcookie name="var1" value="value1" domain=".mysite.com;.mysite.net"> but it does not recognise them. Is there something I am missing here? If so, please aid.
I also tried having <cfcookie name="var1" value="value1" domain=".mysite.com"> and <cfcookie name="var1" value="value1" domain=".mysite.net"> in one file, but it seems like the last cookie setting part is recognised.
LVL 1
chadukaAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
dlewis9Connect With a Mentor Commented:
For security reasons, cookies can not be shared between different domains.

I believe the reason they provide the option to specify one or more domains is actually for when you are using subdomains, (ie: sub1.mysite.com; sub2.mysite.com)

Are these domains for the same site?  I'd set up my server/code to have one domain redirect you to the other address when accessed..then you would only need one set of cookies and everyone would be browsing the site through the same address.
0
 
chadukaAuthor Commented:
Yeah, like I said in my question, they are the same site.

Ok, the setup is like this:
...my name server has www.mysite.com as the primary name, and www.mysite.net as an alias for www.mysite.com.
On the webserver itself (WebSite Pro on WinNT), I have www.mysite.com as the name of the server with the proper IP.
Tell me what happens if someone visits www.mysite.net? Do they get routed to www.mysite.com? I need technical details on how this all works.

Thanx
0
 
bigbadbCommented:
this is done through DNS.  Your ISP probably hosts your DNS.  WHat happens is that both mysite.com and mysite.net have indivudal dns records.  For each of these domains they have a specific www record which points to a ip.  So what happens is that if you hit mysite.com it transaltes this to an ip say 1.1.1.1 now if you want mysite.net to point to the same server you will update the mysite.net www record to point to the same ip 1.1.1.1 now you can refer to both requests using cookies and write only one cookie. Let me know if you have any more questions
0
Easily Design & Build Your Next Website

Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.

 
chadukaAuthor Commented:
bigbadb, I understand that DNS setup. What I need to know is:
-- the webserver knows itself as www.mysite.com
-- i write CF code and set my cookies on .mysite.com
-- someone in Republic of Neverland types in their browser, http://www.mysite.net and hit the unresistable BIG key
-- will my cookies be set?
-- will the browser show (maybe in the URL field) the actual name http://www.mysite.com?

Thanx
0
 
bigbadbCommented:
what you do to get around this is have a inital page which only has a redirect to your actual mysite.com page.  THen you set the cookie here.  So index.html
would have a redirect to your actual www.mysite.com/default.cfm this is where you start tracking cookies.  THen regardles of mysite.com or org or net or cc you will be set
0
 
chadukaAuthor Commented:
.hmmm, so basically if they visit directly to another file without going to my start page, then I am dead?
0
 
bigbadbCommented:
you could prevent this by using session timeouts and forceing them to the main page if they hadnt visited the site lately.  Other than this it would probably be rare when a user would bypass your main page
0
 
dlewis9Commented:
.and that would be controlled in the application.cfm file.  It could look something like this:

<!--- Setup application with 1 hour sessions --->
<CFAPPLICATION NAME="myapp" SESSIONMANAGEMENT="YES" SESSIONTIMEOUT=#CreateTimeSpan(0, 1, 0, 0)#>

<!--- Force user back to home page if not logged in --->    
<CFIF NOT IsDefined("Session.loggedin")>
  <CFLOCATION URL="http://www.mysite.com">
</CFIF>

0
 
chadukaAuthor Commented:
Comment accepted as answer
0
 
chadukaAuthor Commented:
Sorry, had almost forgotten about this.

Tx to all who gave suggestions.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.