Solved

Cookies and multiple domains

Posted on 2000-05-08
10
283 Views
Last Modified: 2013-12-24
Say www.mysite.com just points to www.mysite.net. Then I have <cfcookie name="var1" value="value1" domain=".mysite.com">.
Obviously if someone visit www.mysite.net, the cookie is not set. Now, if someone had visited www.mysite.com and had the cookie set, what happens the next time they visit www.mysite.net?
I tried using <cfcookie name="var1" value="value1" domain=".mysite.com;.mysite.net"> but it does not recognise them. Is there something I am missing here? If so, please aid.
I also tried having <cfcookie name="var1" value="value1" domain=".mysite.com"> and <cfcookie name="var1" value="value1" domain=".mysite.net"> in one file, but it seems like the last cookie setting part is recognised.
0
Comment
Question by:chaduka
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 2
10 Comments
 
LVL 2

Accepted Solution

by:
dlewis9 earned 50 total points
ID: 2789356
For security reasons, cookies can not be shared between different domains.

I believe the reason they provide the option to specify one or more domains is actually for when you are using subdomains, (ie: sub1.mysite.com; sub2.mysite.com)

Are these domains for the same site?  I'd set up my server/code to have one domain redirect you to the other address when accessed..then you would only need one set of cookies and everyone would be browsing the site through the same address.
0
 
LVL 1

Author Comment

by:chaduka
ID: 2791877
Yeah, like I said in my question, they are the same site.

Ok, the setup is like this:
...my name server has www.mysite.com as the primary name, and www.mysite.net as an alias for www.mysite.com.
On the webserver itself (WebSite Pro on WinNT), I have www.mysite.com as the name of the server with the proper IP.
Tell me what happens if someone visits www.mysite.net? Do they get routed to www.mysite.com? I need technical details on how this all works.

Thanx
0
 
LVL 1

Expert Comment

by:bigbadb
ID: 2793036
this is done through DNS.  Your ISP probably hosts your DNS.  WHat happens is that both mysite.com and mysite.net have indivudal dns records.  For each of these domains they have a specific www record which points to a ip.  So what happens is that if you hit mysite.com it transaltes this to an ip say 1.1.1.1 now if you want mysite.net to point to the same server you will update the mysite.net www record to point to the same ip 1.1.1.1 now you can refer to both requests using cookies and write only one cookie. Let me know if you have any more questions
0
How Do You Stack Up Against Your Peers?

With today’s modern enterprise so dependent on digital infrastructures, the impact of major incidents has increased dramatically. Grab the report now to gain insight into how your organization ranks against your peers and learn best-in-class strategies to resolve incidents.

 
LVL 1

Author Comment

by:chaduka
ID: 2793512
bigbadb, I understand that DNS setup. What I need to know is:
-- the webserver knows itself as www.mysite.com
-- i write CF code and set my cookies on .mysite.com
-- someone in Republic of Neverland types in their browser, http://www.mysite.net and hit the unresistable BIG key
-- will my cookies be set?
-- will the browser show (maybe in the URL field) the actual name http://www.mysite.com?

Thanx
0
 
LVL 1

Expert Comment

by:bigbadb
ID: 2793839
what you do to get around this is have a inital page which only has a redirect to your actual mysite.com page.  THen you set the cookie here.  So index.html
would have a redirect to your actual www.mysite.com/default.cfm this is where you start tracking cookies.  THen regardles of mysite.com or org or net or cc you will be set
0
 
LVL 1

Author Comment

by:chaduka
ID: 2793856
.hmmm, so basically if they visit directly to another file without going to my start page, then I am dead?
0
 
LVL 1

Expert Comment

by:bigbadb
ID: 2793868
you could prevent this by using session timeouts and forceing them to the main page if they hadnt visited the site lately.  Other than this it would probably be rare when a user would bypass your main page
0
 
LVL 2

Expert Comment

by:dlewis9
ID: 2795201
.and that would be controlled in the application.cfm file.  It could look something like this:

<!--- Setup application with 1 hour sessions --->
<CFAPPLICATION NAME="myapp" SESSIONMANAGEMENT="YES" SESSIONTIMEOUT=#CreateTimeSpan(0, 1, 0, 0)#>

<!--- Force user back to home page if not logged in --->    
<CFIF NOT IsDefined("Session.loggedin")>
  <CFLOCATION URL="http://www.mysite.com">
</CFIF>

0
 
LVL 1

Author Comment

by:chaduka
ID: 2845156
Comment accepted as answer
0
 
LVL 1

Author Comment

by:chaduka
ID: 2845157
Sorry, had almost forgotten about this.

Tx to all who gave suggestions.
0

Featured Post

Save the day with this special offer from ATEN!

Save 30% on the CV211 using promo code EXPERTS30 now through April 30th. The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Server specifications for web hosting 7 96
Two nodes for updates and forwarding 8 51
Asp.net Hosting Plan security, reliable, stable 1 84
CFFILE upload help 98 207
Have you ever sent email via ColdFusion and thought of tracking this mail to capture the exact date and time when the message was opened ?  If yes, then this article is for you ! First we need a table user_email with columns user_id , email , sub…
Article by: kevp75
Hey folks, 'bout time for me to come around with a little tip. Thanks to IIS 7.5 Extensions and Microsoft (well... really Windows 8, and IIS 8 I guess...), we can now prime our Application Pools, when IIS starts. Now, though it would be nice t…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question