Solved

Domain problem.

Posted on 2006-06-12
21
227 Views
Last Modified: 2010-03-31
Hi experts,
  I'm trying to acsess a cookie created for domain ".xyz" in another domain ".abc". Is it possible. If yes or if no can you provide any location/url where I can get complete information about this issue.

Also I want the specification for identifing a valid domain name,
like is ".abc" a valid domain name only ,"com", ".edu" etc. are the only valid domain names. It would be great if you can provide any link or url where I can get the complete information.

Karan
0
Comment
Question by:Manish
  • 9
  • 7
  • 5
21 Comments
 
LVL 35

Accepted Solution

by:
TimYates earned 65 total points
ID: 16884006
Not possible...

Cookies are private to the domain that created them...

For obvious reasons :-)

Tim
0
 
LVL 11

Author Comment

by:Manish
ID: 16884048
What about valid domain name q?
0
 
LVL 30

Assisted Solution

by:Mayank S
Mayank S earned 35 total points
ID: 16884061
http://support.rapidsystem.net/ntfaq/r80.html says "The rules are 67 characters including the extension (e.g. .com, .net, .org, etc.). The domain name without the extension can be up to 63 characters. Only 0-9, a-z and the dash "-" are valid characters. The domain name cannot start or end with a dash."

http://www.digitaldaze.com/servers/support/help/dns_valid.html

http://www.shauninman.com/plete/2006/05/validating-domain-names

probably this is the most comprehensive one:

http://www.101domain.com/domain_help_faq_19.htm
0
 
LVL 35

Expert Comment

by:TimYates
ID: 16884062
http://www.shauninman.com/plete/2006/05/validating-domain-names

Someone there also brings up the very valid point that this will block IP addresses, which may not be satisfactory :-(

Tim
0
 
LVL 35

Expert Comment

by:TimYates
ID: 16884065
...bah ;-)
0
 
LVL 30

Expert Comment

by:Mayank S
ID: 16884068
He he.... no problemo (like Arnold in Terminator 2)
0
 
LVL 11

Author Comment

by:Manish
ID: 16891929
Is Cookie formed by
     http://abc.us.xyz website accessible to
     http://mno.ca.xyz ?
If yes , how?
If no,  then what to do?

In above URL what is domain? is it .us.xyz or .xyz?
What makes valid domain extention?
0
 
LVL 30

Expert Comment

by:Mayank S
ID: 16891975
No, it should not be accessible.

For domain extension, I don't think there are any rules other than what I posted above.
0
 
LVL 35

Expert Comment

by:TimYates
ID: 16892131
>> If no,  then what to do?

What are you trying to do?  Share data between websites?
0
 
LVL 11

Author Comment

by:Manish
ID: 16892230
>>What are you trying to do?  Share data between websites?
Yes, cookie data.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 35

Expert Comment

by:TimYates
ID: 16892241
So you're trying to read cookie data from someone elses website?

You can't :-(

If both websites belong to you, then you may be able to do some sort of message passing between them to tie users together and share user data that way, but you can't just read cookies written by other sites...

It would be a huge security hole if you could...

Tim
0
 
LVL 11

Author Comment

by:Manish
ID: 16892272
Ya Tim,
  Your second point is correct ,
What kind of message do I need to pass ?
0
 
LVL 30

Expert Comment

by:Mayank S
ID: 16892304
It could be through a web-service or simply an HTTP post that you can send to a web-site:

http://www.javaalmanac.com/egs/java.net/Post.html 
0
 
LVL 35

Expert Comment

by:TimYates
ID: 16892333
If you have a single user database, then it will become easier, as user id credentials will be the same on both sites...
0
 
LVL 11

Author Comment

by:Manish
ID: 16892339
Didnt get your point?
0
 
LVL 35

Expert Comment

by:TimYates
ID: 16892377
Can you explain properly what data it is you're trying to share?

We're shooting in the dark with suggestions otherwise
0
 
LVL 11

Author Comment

by:Manish
ID: 16892602
My application is accessible through more than one domain. Domains are region specific, region most of the time are locale. Earlier my application was creating cookies which were accessible by that domain only eg ".ab.pqrs". Now I want the cookies generated in ".ab.pqrs" to be accessible by another domain ".ed.pqrs". From the above discussion it is clear that one cookie of one domain is not accessible by another domain. But my requirements are such that I want alternative for it.
Cookie basically contains information related to user preferences for the user who logged in like country, locale, few numbers used by application, etc.
I want to know how can I do this?
0
 
LVL 35

Expert Comment

by:TimYates
ID: 16892628
why not store these preferences in a database shared between the webapps?

Then when a user logs in, the cookie can just store their session id, and their preferences can be loaded from the database, no matter which site they log in to...

Tim
0
 
LVL 11

Author Comment

by:Manish
ID: 16893088
In my case I can't store in Database. It should be handled throughs cookies only.
0
 
LVL 30

Expert Comment

by:Mayank S
ID: 16893135
It should be handled as request parameters then, I guess.
0
 
LVL 35

Expert Comment

by:TimYates
ID: 16893139
>> It should be handled throughs cookies only.

The problem is, it can't be
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
json example 39 135
what is a "java.lang.System Property"   ? 20 58
maven project error 5 48
tomcat not starting 6 32
An old method to applying the Singleton pattern in your Java code is to check if a static instance, defined in the same class that needs to be instantiated once and only once, is null and then create a new instance; otherwise, the pre-existing insta…
Go is an acronym of golang, is a programming language developed Google in 2007. Go is a new language that is mostly in the C family, with significant input from Pascal/Modula/Oberon family. Hence Go arisen as low-level language with fast compilation…
Viewers learn about the “for” loop and how it works in Java. By comparing it to the while loop learned before, viewers can make the transition easily. You will learn about the formatting of the for loop as we write a program that prints even numbers…
Viewers will learn about basic arrays, how to declare them, and how to use them. Introduction and definition: Declare an array and cover the syntax of declaring them: Initialize every index in the created array: Example/Features of a basic arr…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now