Domain problem.
Hi experts,
I'm trying to acsess a cookie created for domain ".xyz" in another domain ".abc". Is it possible. If yes or if no can you provide any location/url where I can get complete information about this issue.
Also I want the specification for identifing a valid domain name,
like is ".abc" a valid domain name only ,"com", ".edu" etc. are the only valid domain names. It would be great if you can provide any link or url where I can get the complete information.
Karan
I'm trying to acsess a cookie created for domain ".xyz" in another domain ".abc". Is it possible. If yes or if no can you provide any location/url where I can get complete information about this issue.
Also I want the specification for identifing a valid domain name,
like is ".abc" a valid domain name only ,"com", ".edu" etc. are the only valid domain names. It would be great if you can provide any link or url where I can get the complete information.
Karan
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
http://www.shauninman.com/plete/2006/05/validating-domain-names
Someone there also brings up the very valid point that this will block IP addresses, which may not be satisfactory :-(
Tim
Someone there also brings up the very valid point that this will block IP addresses, which may not be satisfactory :-(
Tim
...bah ;-)
He he.... no problemo (like Arnold in Terminator 2)
ASKER
Is Cookie formed by
http://abc.us.xyz website accessible to
http://mno.ca.xyz ?
If yes , how?
If no, then what to do?
In above URL what is domain? is it .us.xyz or .xyz?
What makes valid domain extention?
http://abc.us.xyz website accessible to
http://mno.ca.xyz ?
If yes , how?
If no, then what to do?
In above URL what is domain? is it .us.xyz or .xyz?
What makes valid domain extention?
No, it should not be accessible.
For domain extension, I don't think there are any rules other than what I posted above.
For domain extension, I don't think there are any rules other than what I posted above.
>> If no, then what to do?
What are you trying to do? Share data between websites?
What are you trying to do? Share data between websites?
ASKER
>>What are you trying to do? Share data between websites?
Yes, cookie data.
Yes, cookie data.
So you're trying to read cookie data from someone elses website?
You can't :-(
If both websites belong to you, then you may be able to do some sort of message passing between them to tie users together and share user data that way, but you can't just read cookies written by other sites...
It would be a huge security hole if you could...
Tim
You can't :-(
If both websites belong to you, then you may be able to do some sort of message passing between them to tie users together and share user data that way, but you can't just read cookies written by other sites...
It would be a huge security hole if you could...
Tim
ASKER
Ya Tim,
Your second point is correct ,
What kind of message do I need to pass ?
Your second point is correct ,
What kind of message do I need to pass ?
It could be through a web-service or simply an HTTP post that you can send to a web-site:
http://www.javaalmanac.com/egs/java.net/Post.html
http://www.javaalmanac.com/egs/java.net/Post.html
If you have a single user database, then it will become easier, as user id credentials will be the same on both sites...
ASKER
Didnt get your point?
Can you explain properly what data it is you're trying to share?
We're shooting in the dark with suggestions otherwise
We're shooting in the dark with suggestions otherwise
ASKER
My application is accessible through more than one domain. Domains are region specific, region most of the time are locale. Earlier my application was creating cookies which were accessible by that domain only eg ".ab.pqrs". Now I want the cookies generated in ".ab.pqrs" to be accessible by another domain ".ed.pqrs". From the above discussion it is clear that one cookie of one domain is not accessible by another domain. But my requirements are such that I want alternative for it.
Cookie basically contains information related to user preferences for the user who logged in like country, locale, few numbers used by application, etc.
I want to know how can I do this?
Cookie basically contains information related to user preferences for the user who logged in like country, locale, few numbers used by application, etc.
I want to know how can I do this?
why not store these preferences in a database shared between the webapps?
Then when a user logs in, the cookie can just store their session id, and their preferences can be loaded from the database, no matter which site they log in to...
Tim
Then when a user logs in, the cookie can just store their session id, and their preferences can be loaded from the database, no matter which site they log in to...
Tim
ASKER
In my case I can't store in Database. It should be handled throughs cookies only.
It should be handled as request parameters then, I guess.
>> It should be handled throughs cookies only.
The problem is, it can't be
The problem is, it can't be
ASKER