Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Cookies and multiple domains

Posted on 2000-05-08
10
Medium Priority
?
288 Views
Last Modified: 2013-12-24
Say www.mysite.com just points to www.mysite.net. Then I have <cfcookie name="var1" value="value1" domain=".mysite.com">.
Obviously if someone visit www.mysite.net, the cookie is not set. Now, if someone had visited www.mysite.com and had the cookie set, what happens the next time they visit www.mysite.net?
I tried using <cfcookie name="var1" value="value1" domain=".mysite.com;.mysite.net"> but it does not recognise them. Is there something I am missing here? If so, please aid.
I also tried having <cfcookie name="var1" value="value1" domain=".mysite.com"> and <cfcookie name="var1" value="value1" domain=".mysite.net"> in one file, but it seems like the last cookie setting part is recognised.
0
Comment
Question by:chaduka
  • 5
  • 3
  • 2
10 Comments
 
LVL 2

Accepted Solution

by:
dlewis9 earned 150 total points
ID: 2789356
For security reasons, cookies can not be shared between different domains.

I believe the reason they provide the option to specify one or more domains is actually for when you are using subdomains, (ie: sub1.mysite.com; sub2.mysite.com)

Are these domains for the same site?  I'd set up my server/code to have one domain redirect you to the other address when accessed..then you would only need one set of cookies and everyone would be browsing the site through the same address.
0
 
LVL 1

Author Comment

by:chaduka
ID: 2791877
Yeah, like I said in my question, they are the same site.

Ok, the setup is like this:
...my name server has www.mysite.com as the primary name, and www.mysite.net as an alias for www.mysite.com.
On the webserver itself (WebSite Pro on WinNT), I have www.mysite.com as the name of the server with the proper IP.
Tell me what happens if someone visits www.mysite.net? Do they get routed to www.mysite.com? I need technical details on how this all works.

Thanx
0
 
LVL 1

Expert Comment

by:bigbadb
ID: 2793036
this is done through DNS.  Your ISP probably hosts your DNS.  WHat happens is that both mysite.com and mysite.net have indivudal dns records.  For each of these domains they have a specific www record which points to a ip.  So what happens is that if you hit mysite.com it transaltes this to an ip say 1.1.1.1 now if you want mysite.net to point to the same server you will update the mysite.net www record to point to the same ip 1.1.1.1 now you can refer to both requests using cookies and write only one cookie. Let me know if you have any more questions
0
Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

 
LVL 1

Author Comment

by:chaduka
ID: 2793512
bigbadb, I understand that DNS setup. What I need to know is:
-- the webserver knows itself as www.mysite.com
-- i write CF code and set my cookies on .mysite.com
-- someone in Republic of Neverland types in their browser, http://www.mysite.net and hit the unresistable BIG key
-- will my cookies be set?
-- will the browser show (maybe in the URL field) the actual name http://www.mysite.com?

Thanx
0
 
LVL 1

Expert Comment

by:bigbadb
ID: 2793839
what you do to get around this is have a inital page which only has a redirect to your actual mysite.com page.  THen you set the cookie here.  So index.html
would have a redirect to your actual www.mysite.com/default.cfm this is where you start tracking cookies.  THen regardles of mysite.com or org or net or cc you will be set
0
 
LVL 1

Author Comment

by:chaduka
ID: 2793856
.hmmm, so basically if they visit directly to another file without going to my start page, then I am dead?
0
 
LVL 1

Expert Comment

by:bigbadb
ID: 2793868
you could prevent this by using session timeouts and forceing them to the main page if they hadnt visited the site lately.  Other than this it would probably be rare when a user would bypass your main page
0
 
LVL 2

Expert Comment

by:dlewis9
ID: 2795201
.and that would be controlled in the application.cfm file.  It could look something like this:

<!--- Setup application with 1 hour sessions --->
<CFAPPLICATION NAME="myapp" SESSIONMANAGEMENT="YES" SESSIONTIMEOUT=#CreateTimeSpan(0, 1, 0, 0)#>

<!--- Force user back to home page if not logged in --->    
<CFIF NOT IsDefined("Session.loggedin")>
  <CFLOCATION URL="http://www.mysite.com">
</CFIF>

0
 
LVL 1

Author Comment

by:chaduka
ID: 2845156
Comment accepted as answer
0
 
LVL 1

Author Comment

by:chaduka
ID: 2845157
Sorry, had almost forgotten about this.

Tx to all who gave suggestions.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Have you ever sent email via ColdFusion and thought of tracking this mail to capture the exact date and time when the message was opened ?  If yes, then this article is for you ! First we need a table user_email with columns user_id , email , sub…
Most ColdFusion developers get confused between the CFSet, Duplicate, and Structcopy methods of copying a Structure, especially which one to use when. This Article will explain the differences in the approaches with examples; therefore, after readin…
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
Loops Section Overview

963 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question