Can a cookie be valid for more than one domain? |
[eluser]europe72[/eluser]
Technically no, but... My question is because my site is hosted in a shared environment, my non secure and secure sections of my site are on different domains. Specifically my non secure section is at http://www.domain.tld while my secure is at https://hosting-provider.domain.tld. I set my cookie in the non secure section, but need it to be valid in the secure section as well...any ideas? Thanks
[eluser]tonanbarbarian[/eluser]
Technically what you are wanting the cookie to be valid across mutliple hostnames on the same domain This is certainly possible From http://ellislab.com/codeigniter/user-gui...elper.html Code: $cookie = array( so if you set the domain parameter to '.domain.tld' it should work in both www and hosting-provider
[eluser]ejangi[/eluser]
There are known issues with sessions/cookies across HTTP and HTTPS. I'm not sure if/how CI manages this and I couldn't even find a decent PHP snippet for you, but there is a thread here that may be of help.
[eluser]europe72[/eluser]
Actually my example was incorrect. Sorry about that. I didn't realize that I used the same domain for both. Consider the same issue with domain.tld vs hosting-provider.provider.tld Thanks
[eluser]tonanbarbarian[/eluser]
You could probably do the following but it is a MAJOR security risk Code: $cookie = array( This would be the same as saying that the cookie is valid for all .com domains. As you can imagine not a good idea. You probably need to create 2 cookies in this case 1 for each domain. |
Welcome Guest, Not a member yet? Register Sign In |