Can a cookie be valid for more than one domain? - Printable Version +- CodeIgniter Forums (https://forum.codeigniter.com) +-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20) +--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forumdisplay.php?fid=23) +--- Thread: Can a cookie be valid for more than one domain? (/showthread.php?tid=4628) |
Can a cookie be valid for more than one domain? - El Forum - 12-06-2007 [eluser]europe72[/eluser] Technically no, but... My question is because my site is hosted in a shared environment, my non secure and secure sections of my site are on different domains. Specifically my non secure section is at http://www.domain.tld while my secure is at https://hosting-provider.domain.tld. I set my cookie in the non secure section, but need it to be valid in the secure section as well...any ideas? Thanks Can a cookie be valid for more than one domain? - El Forum - 12-06-2007 [eluser]tonanbarbarian[/eluser] Technically what you are wanting the cookie to be valid across mutliple hostnames on the same domain This is certainly possible From http://ellislab.com/codeigniter/user-guide/helpers/cookie_helper.html Code: $cookie = array( so if you set the domain parameter to '.domain.tld' it should work in both www and hosting-provider Can a cookie be valid for more than one domain? - El Forum - 12-06-2007 [eluser]ejangi[/eluser] There are known issues with sessions/cookies across HTTP and HTTPS. I'm not sure if/how CI manages this and I couldn't even find a decent PHP snippet for you, but there is a thread here that may be of help. Can a cookie be valid for more than one domain? - El Forum - 12-06-2007 [eluser]europe72[/eluser] Actually my example was incorrect. Sorry about that. I didn't realize that I used the same domain for both. Consider the same issue with domain.tld vs hosting-provider.provider.tld Thanks Can a cookie be valid for more than one domain? - El Forum - 12-06-2007 [eluser]tonanbarbarian[/eluser] You could probably do the following but it is a MAJOR security risk Code: $cookie = array( This would be the same as saying that the cookie is valid for all .com domains. As you can imagine not a good idea. You probably need to create 2 cookies in this case 1 for each domain. |