I have two web sites, both of the websites under same domain.
first URL - https://www.fat.service.map.global.com:24536 sets a cookie in the parent domain as, ( name=lang, value=en, domain=.global.com
).
Second URL - https://fat.test.service.global.com needs to access this same cookie. But the cookie is not visible (null) from the backend code of the second URL.
But when I checked the cookie within Firebug it shows me the value of the cookie with the domain value as .global.com
(which is correct)
So why I cannot access the cookie within the backend of the second URL??
Can anyone shed some light on this...?
Your assumption about .global.com
is correct, but there are more things to consider when setting a cookie. Ie the cookie may be restricted to a specific port (when the cookie is set via a Set-Cookie2
header, see RFC 2965 ) or path, for example.
I've tested your case using Apache + PHP on my local machine, and it worked fine for me.
My Apache configuration:
# Listen on different ports
Listen 80
Listen 24536
# Listen for virtual host requests on all IP addresses
NameVirtualHost *:80
NameVirtualHost *:24536
<VirtualHost *:24536>
DocumentRoot /path/to/my/document/root
ServerName www.fat.service.map.global.com
</VirtualHost>
<VirtualHost *:80>
DocumentRoot /path/to/my/document/root
ServerName fat.test.service.global.com
</VirtualHost>
Created a PHP script 'test.php' in the document root containing this:
<?php
// Output all cookies
var_dump($_COOKIE);
// Set the cookie when the host is 'www.fat.service.map.global.com'
if (strpos($_SERVER['HTTP_HOST'], 'www.fat.service.map.global.com') !== false) {
setcookie('lang', 'en', time() + 3600, '/', '.global.com');
}
?>
This generates the following header for setting the cookie:
Set-Cookie: lang=en; expires=Sat, 27-Feb-2016 09:23:33 GMT; Max-Age=3600; path=/; domain=.global.com
and gave me the following output for both domains:
The only difference to your configuration is that I am not using HTTPS, ie I'm not using port 443 for the second virtual host. Though I believe that doesn't make any difference, as both of your domains are served via HTTPS.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.