Solved

Cookies and multiple domains

Posted on 2000-05-08
10
284 Views
Last Modified: 2013-12-24
Say www.mysite.com just points to www.mysite.net. Then I have <cfcookie name="var1" value="value1" domain=".mysite.com">.
Obviously if someone visit www.mysite.net, the cookie is not set. Now, if someone had visited www.mysite.com and had the cookie set, what happens the next time they visit www.mysite.net?
I tried using <cfcookie name="var1" value="value1" domain=".mysite.com;.mysite.net"> but it does not recognise them. Is there something I am missing here? If so, please aid.
I also tried having <cfcookie name="var1" value="value1" domain=".mysite.com"> and <cfcookie name="var1" value="value1" domain=".mysite.net"> in one file, but it seems like the last cookie setting part is recognised.
0
Comment
Question by:chaduka
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 2
10 Comments
 
LVL 2

Accepted Solution

by:
dlewis9 earned 50 total points
ID: 2789356
For security reasons, cookies can not be shared between different domains.

I believe the reason they provide the option to specify one or more domains is actually for when you are using subdomains, (ie: sub1.mysite.com; sub2.mysite.com)

Are these domains for the same site?  I'd set up my server/code to have one domain redirect you to the other address when accessed..then you would only need one set of cookies and everyone would be browsing the site through the same address.
0
 
LVL 1

Author Comment

by:chaduka
ID: 2791877
Yeah, like I said in my question, they are the same site.

Ok, the setup is like this:
...my name server has www.mysite.com as the primary name, and www.mysite.net as an alias for www.mysite.com.
On the webserver itself (WebSite Pro on WinNT), I have www.mysite.com as the name of the server with the proper IP.
Tell me what happens if someone visits www.mysite.net? Do they get routed to www.mysite.com? I need technical details on how this all works.

Thanx
0
 
LVL 1

Expert Comment

by:bigbadb
ID: 2793036
this is done through DNS.  Your ISP probably hosts your DNS.  WHat happens is that both mysite.com and mysite.net have indivudal dns records.  For each of these domains they have a specific www record which points to a ip.  So what happens is that if you hit mysite.com it transaltes this to an ip say 1.1.1.1 now if you want mysite.net to point to the same server you will update the mysite.net www record to point to the same ip 1.1.1.1 now you can refer to both requests using cookies and write only one cookie. Let me know if you have any more questions
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 
LVL 1

Author Comment

by:chaduka
ID: 2793512
bigbadb, I understand that DNS setup. What I need to know is:
-- the webserver knows itself as www.mysite.com
-- i write CF code and set my cookies on .mysite.com
-- someone in Republic of Neverland types in their browser, http://www.mysite.net and hit the unresistable BIG key
-- will my cookies be set?
-- will the browser show (maybe in the URL field) the actual name http://www.mysite.com?

Thanx
0
 
LVL 1

Expert Comment

by:bigbadb
ID: 2793839
what you do to get around this is have a inital page which only has a redirect to your actual mysite.com page.  THen you set the cookie here.  So index.html
would have a redirect to your actual www.mysite.com/default.cfm this is where you start tracking cookies.  THen regardles of mysite.com or org or net or cc you will be set
0
 
LVL 1

Author Comment

by:chaduka
ID: 2793856
.hmmm, so basically if they visit directly to another file without going to my start page, then I am dead?
0
 
LVL 1

Expert Comment

by:bigbadb
ID: 2793868
you could prevent this by using session timeouts and forceing them to the main page if they hadnt visited the site lately.  Other than this it would probably be rare when a user would bypass your main page
0
 
LVL 2

Expert Comment

by:dlewis9
ID: 2795201
.and that would be controlled in the application.cfm file.  It could look something like this:

<!--- Setup application with 1 hour sessions --->
<CFAPPLICATION NAME="myapp" SESSIONMANAGEMENT="YES" SESSIONTIMEOUT=#CreateTimeSpan(0, 1, 0, 0)#>

<!--- Force user back to home page if not logged in --->    
<CFIF NOT IsDefined("Session.loggedin")>
  <CFLOCATION URL="http://www.mysite.com">
</CFIF>

0
 
LVL 1

Author Comment

by:chaduka
ID: 2845156
Comment accepted as answer
0
 
LVL 1

Author Comment

by:chaduka
ID: 2845157
Sorry, had almost forgotten about this.

Tx to all who gave suggestions.
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A web service (http://en.wikipedia.org/wiki/Web_service) is a software related technology that facilitates machine-to-machine interaction over a network. This article helps beginners in creating and consuming a web service using the ColdFusion Ma…
When it comes to security, close monitoring is a must. According to WhiteHat Security annual report, a substantial number of all web applications are vulnerable always. Monitis offers a new product - fully-featured Website security monitoring and pr…
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question