Re: cookie question

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Adrian (Adrian_at_nospamhotmail.com.uk)
Date: 11/11/04

Next message: Don Varnau: "Re: Internet Explorer Is DEAD!"
Previous message: Frank Saunders, MS-MVP IE/OE: "Re: Run-time error, do you want to de-bug"
In reply to: daniel kaplan: "cookie question"
Messages sorted by: [ date ] [ thread ]

Date: Thu, 11 Nov 2004 23:21:12 +0000 (UTC)

Cookies are only (should only) be readably from the domain that wrote them,
it is possible to allow any domain from the top down to have access or to
limit it to the sub domain that wrote it depending on how the cookie is
written; So a cookie written from xyz.abc.com can be written so it is
readably only from xyz.abc.com or abc.com.

It would seem the easier approach would to check the top level domain and if
it doesn't match your primary name then redirect a user to you primary then
you will always have access to your cookies!

So check the URL using window.location and if its not the correct location
use window.location.replace to ensure all users enter via the same domain
name.

"daniel kaplan" <nospam@nospam.com> wrote in message
news:1100058841.764900@nntp.acecape.com...
> some people are having a cookie problem on my companies website, and here
> is
> where i MAY have foudn the problem (our tech guy is MIA, long story)
>
> let's say this is my website: www.AcmeFive.com
>
> you can still get to it via: http://AcmeFive.com and www.Acme5.com and
> so on and so on
>
> it is possible, not fully confirmed, that unless you go to my website via
> the top way (www.AcmeFive.com) you will experience some cookie problems.
>
> does this make sense? i am just getting into the WEB side of things and
> seem to recall that webbrowsers KNOW how you got into them, and wonder if
> you can program it so that unless the user types the PROPER web address,
> that there woudl be headaches.
>
> i hope this post makes sense,
>
> thanks ahead, as always
>
>

Next message: Don Varnau: "Re: Internet Explorer Is DEAD!"
Previous message: Frank Saunders, MS-MVP IE/OE: "Re: Run-time error, do you want to de-bug"
In reply to: daniel kaplan: "cookie question"
Messages sorted by: [ date ] [ thread ]

Relevant Pages

Re: Redirect from secure server to unsecure server after login.
... OK - this is a cookie problem. ... you have to set the domain property in forms authentication to ".domain.com" - this should fix the problem. ... redirected )to the secure server to login. ...
(microsoft.public.dotnet.framework.aspnet.security)
Re: Session ID changed everytime go to new page or reload.
... be passed by the browser between hosts. ... the problem disappear (session id remains ... There should be one cookie for each domain. ... usually a cookie problem, assuming you are not trying to use ...
(comp.lang.php)
Re: Session ID changed everytime go to new page or reload.
... There should be one cookie for each domain. ... to maintain a single session across multiple servers. ... usually a cookie problem, assuming you are not trying to use ...
(comp.lang.php)
Re: YANDEX cookie
... Now there is a cookie from narod.ru ... > Note the reference to a Russian site and YANDEX is apparently a ... > removed yet my cookie problem remains. ...
(microsoft.public.windowsxp.security_admin)
cookie question
... some people are having a cookie problem on my companies website, ... where i MAY have foudn the problem (our tech guy is MIA, ... you can program it so that unless the user types the PROPER web address, ...
(microsoft.public.windows.inetexplorer.ie6.browser)