Hey,
When I log onto some sites, ex. http://mysite.com and then go to http://www.mysite.com, I'm not logged in? But if I switch back to http://mysite.com (without the www's) I'm logged in again?
Anyone know why this is or how to make it so that if you log in on one, you're logged in on both?
Thanks,
Matt
When cookies are set, they default to a path, which can either be restricted to some subdomains or be inclusive for all subdomains.
Here, you are trying to read cookies from different subdomains, and, presumably, they can't be accessed because they were set on another subdomain, without specifying that they can be used on the www. subdomain.
The two URLs www.mysite.com and mysite.com are separate domains (well a domain and a sub domain). Typically sites will have both domains directed at the same site - so users of the site don't get confused. Probably when you login a cookie is set on your browser to identify you but it is associated with only the domain in which you logged in. This would be expected behaviour.
The login session via cookie is tied to the domain name. "www.sitename.com" and "sitename.com" are essentially different names.
One quick way is to redirect all request from one site to the other and have a consistent domain name.
If a cookie is set without specifying the domain property, the browser associates it with the domain from which it was set.
If you want to set a cookie -- including the cookie that's used to hold a session ID -- with all subdomains, you would need to set the domain property to ".domain.com" -- note the leading dot, which allows the browser to match any domain that ends with domain.com.
Having said that, a better solution is to force users to one domain or the other, and to not allow both (perhaps by redirecting from one to the other). If you do allow both, then the user can end up downloading cacheable objects more than once, instead of using them from cache.