PHPBuilder - Implementing Cross-Domain Cookies

RSS Twitter

Implementing Cross-Domain Cookies

by: Christopher Kings-Lynne
November 29, 2000

Cookies are a great invention, allowing the web developer to maintain the login status of their users. However, problems occur when your site or network has more than one domain.
The cookie specification says that any cookie set for one domain, must not be sent to any other domain. Therefore, if you set a cookie in your user's browser on one domain, that cookie will not be available on any other domain. This is a big problem, if you want your users to log in on one of your sites and still be logged in on your other domains.
My solution will use the following general framework:
  • A prepend script will be used that will accept the sessionid via GET or COOKIE. It will preferentially choose a GET variable over a COOKIE. Therefore, whenever we need to link across domains, we send the sessionid as a URL parameter.
  • The Apache configuration will be modified to do rewrites on all cross-domain cookies. The reason for this will soon become clear.
  • Variables will be used whenever a cross-domain href appears.

Next Page »

Comment and Contribute

Your comment has been submitted and is pending approval.

Christopher Kings-Lynne



(Maximum characters: 1200). You have characters left.