Drupal no cookie session management

Posted on 2014-08-29
Last Modified: 2014-09-25
Drupal uses cookie based session management.
Our application is embedded in other applications, such as Facebook, iFrame....
Users browser blocks 3rd-party cookie. So Drupal cookie based session management does not work.

How to develop a no cookie session management for Drupal website ?

For example, the following is some information.
This is a sandbox project.
Helps you bypass cookie based session management on your Drupal site.
This is good approach for embedded sites, for example Facebook iframe based embedded applications
which will allow you to implement fully functional Drupal site within iframe avoiding problems
with browser cross-domain cookie restrictions.
Question by:drupal_100
    LVL 107

    Accepted Solution

    I think this is an impractical goal.  PHP has session management that uses the URL to carry the SID.  But nobody does that any more; cookies are the industry standard.  You cannot use most of the WWW if your browser does not accept and return cookies (or run JavaScript).  Sites like Facebook, Google, eBay, etc., all expect and require cookies.  The Veljko Popovic code is incomplete and unworkable. Cross-domain restrictions are a central part of HTTP security.  The only way around these restrictions is to join an advertising network like DoubleClick.

    Here are the references you would need to understand to have a clear view of what's going on with cookies in session management.
    HTTP Protocols
    PHP Session Management

    After you read those, you will probably have a better understanding of why my recommendation is "Don't do this - it doesn't work that way!"

    Author Comment

    The application is embedded in applications like Facebook , I frame
    The cookie for our application is third party cookie in this situation. User browser blocks third party cookie. Therefore our drupal application does not work as it uses cookie based session . So need to make drupal work in no cookie session way. Try to use query string to bypass the cookie based session management.
    So the issue is our drupal apps is third party cookie and blocked by user browser.
    LVL 107

    Expert Comment

    by:Ray Paseur
    I understand the issue.  Drupal is not made to work that way.  About all you can do is tell your clients that they must allow 3rd-party cookies.  And that announcement will probably drive a lot of them away.  Sorry.
    LVL 58

    Expert Comment

    I've requested that this question be closed as follows:

    Accepted answer: 500 points for Ray Paseur's comment #a40294778

    for the following reason:

    This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    In Part 1 ( we covered the hexagonal maze basics -- how the cells are represented in a JavaScript array and how the maze is displayed.  In this part, we'…
    International Data Corporation (IDC) prognosticates that before the current the year gets over disbursing on IT framework products to be sent in cloud environs will be $37.1B.
    Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
    The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now