PHPBuilder.com, the best resource for PHP tutorials, templates, PHP manuals, content management systems, scripts, classes and more.

Linux Today
Enterprise Linux Today
Apache Today
JustLinux.com
Linux Planet
PHPBuilder
All Linux Devices
Hiermenus
DatabaseJournal
Technology Jobs

IT
Developer
Internet News
Small Business
Personal Technology
International

Search internet.com
Advertise
Corporate Info
Newsletters
Tech Jobs
E-mail Offers

Covalent Extends Apache 2.0 to Microsoft ASP.NET
ShopWorX - Support for Windows
PHP Security Advisory: Vulnerability in PHP versions 4.2.0 and 4.2.1
Network Risk Assessment
Full-Featured, Java-Based Apache GUI

Partners & Affiliates

Using PHP to Make Basic vCalendar/iCalendar Events
Faking It - Simulated Database Queries
IMAP Mail Reading With PHP3
Using the mysqli Interface: Basic Techniques
Optimizing Postgresql

Linux Systems Administrator
Jupitermedia
US-AZ-Tucson

Post A Job | Post A Resume

Implementing Cross-Domain Cookies

Christopher Kings-Lynne picture of Christopher

Cookies are a great invention, allowing the web developer to maintain the login status of their users. However, problems occur when your site or network has more than one domain.

The cookie specification says that any cookie set for one domain, must not be sent to any other domain. Therefore, if you set a cookie in your user's browser on one domain, that cookie will not be available on any other domain. This is a big problem, if you want your users to log in on one of your sites and still be logged in on your other domains.

My solution will use the following general framework:

A prepend script will be used that will accept the sessionid via GET or COOKIE. It will preferentially choose a GET variable over a COOKIE. Therefore, whenever we need to link across domains, we send the sessionid as a URL parameter.
The Apache configuration will be modified to do rewrites on all cross-domain cookies. The reason for this will soon become clear.
Variables will be used whenever a cross-domain href appears.

[ Next Page ]

Comments:
RE: Cross Domain	samantha	02/19/05 07:03
RE: EASIER Cross Domain	Michael	10/28/03 19:56
Setting cookies on a Linux Webserver	Siva	10/17/02 02:07
RE: expiring cookies.	Keri Henare	07/25/02 04:01
RE: (yet(yet)) another possible	Danny Tuppeny	09/12/01 09:28
RE: Great, why use rewrite at all?	Danny Tuppeny	09/12/01 09:24
RE: Why not use redirection?	Danny Tuppeny	09/12/01 09:22
expiring cookies.	nagaraj	09/12/01 05:50
RE: Privacy Concerns of John Q. Public	Jesse	08/03/01 14:49
(yet(yet)) another possible	Hugh	02/24/01 16:37
RE: Not a session	Phil Greenway	02/15/01 16:33
RE: Another method	David Davis	02/02/01 14:16
Yet another way	sander	12/16/00 15:15
RE: I think I would have...	Chris Kings-Lynne	12/04/00 21:08
RE: Another method	Matthew Kendall	12/04/00 02:26
Another method	Andrew Dickinson	12/03/00 15:09
Privacy Concerns of John Q. Public	Jim Hawley	12/02/00 11:07
Great, why use rewrite at all?	Brian Tanner	12/01/00 20:51
Why not use redirection?	Johannes Erdfelt	12/01/00 14:17
RE: Cookies	Hreinn Beck	12/01/00 04:51
I think I would have...	Paul K Egell-Johnsen	11/30/00 13:13
RE: Cross Domain	marcoBR	11/29/00 20:14
RE: Cross Domain	Robert	11/29/00 19:25
deleting cookies	Donncha O Caoimh	11/29/00 08:03
Cross Domain	Micheal O Shea	11/29/00 07:23
If you are looking for help, please post on the appropriate forum here. Your questions will be answered much more quickly. Add A Comment: Name: Email: Subject: Message: To reduce spam posts, messages are now manually approved You are not [logged in]. That means your account will not get credit for this post.

Add A Comment: