Making a cookie available to a sibling domain with Ember

Question

In an Ember app, we set cookies using ember-cookie . At the moment, the userToken cookie is available to www.example.com only. I need to make it available to api.example.com as well and expected below code to work: Even if domain (which is actually set through an environment variable) starts with "www", the cookie should be set one level higher (and thus be available to the api subdomain as well).

set cookieToken(token) {
  let domain = 'www.example.com';

  // Share with main domain (and API subdomain) even if host is www subdomain
  if (domain.startsWith('www')) {
    const apiSubdomain = domain.replace(/^www/, '');
    this.cookies.write('userToken', JSON.stringify(token), { path: '/', apiSubdomain })
  }
}

This approach failed, however:

• expected domain: .example.com
• observed domain: www.example.com

I also tried setting the cookie for api.example.com explicitly:

if (domain.startsWith('www')) {
  const apiSubdomain = domain.replace(/^www/, 'api');
  this.cookies.write('userToken', JSON.stringify(token), { path: '/', apiSubdomain })
}

The outcome was the same:

• expected domain: api.example.com
• observed domain: www.example.com

What can I do to make this cookie accesible for both subdomains?

Answer 1

The problem was that I didn't specify the domain key in the options hash. The following code would have worked because domain is equivalent to domain: domain :

this.cookies.write('userToken', JSON.stringify(token), { path: '/', domain })

In my case, however, I named the variable differently, so I need to specify the key explicitly:

this.cookies.write('userToken', JSON.stringify(token), { path: '/', domain: apiSubdomain })