Cross Domain Cookies Problem (ASP.NET)

Question

Hi guys, i have a problem with cross-domain cookies. I read a lot of documentation about sharing cookies between subdomains. The main idea of all articles is set Domain property to something like ".mydomain.com". I've created two domains on local IIS server - test1.local.boo and test2.local.boo. They works great and visible with browser. I have the following code:

Site test1 - Writes cookie:

HttpCookie myCookie = new HttpCookie("TestCookie");
myCookie.Domain = ".local.boo";
myCookie["msg"] = "Welcome from Cookie";
Response.Cookies.Add(myCookie);

Site test2 - Reads cookie:

HttpCookie cookie = Request.Cookies["TestCookie"];
if (cookie != null)
{
    Response.Write(cookie["msg"]);
}
else
{
    Response.Write("FAILED");
}

This code always shows FAILED message. So it means that second site can't read cookie from the same subdomain. Where is my mistake??

Answer 1

Try setting the expires attribute or its possible that its deleted when the usersession ends.

Answer 2

You can check if the cookie headers are being returned by the browser by using a web debugger such as fiddler.

It will show you the headers and cookies sent for every request and response, so you can see if the correct domain has been set and what happens with the request to the second domain.

Answer 3

Try setting the expiration date to some point in the future:

cookie.Expires = DateTime.Now.AddYears(5);

Answer 4

Hmm...The problem was in browser...Opera browser doesn't send cookie to other site on the same subdomain. Firefox and IE works great. Anyway, thank you guys!

Some notes: if you want remove such cookie from other subdomain then you need to set a Domain property to something like: .mydomain.com - i've spend a lot of time by trying to figure it out. Hope it helps for somebody

Answer 5

You are right the only issue in cross domain cookie is the domain part in cookie.. i think you should try some cookie helpers available on net to reduce code error and if it works try reading the helper code..... http://codeigniter.com/user_guide/helpers/cookie_helper.html

Regards

Answer 6

In IIS 7

Add this to your web.config

<system.webserver>
    <httpProtocol>
        <customHeaders>
            <add name="p3p" value="CP=&quot;NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM&quot;" />
        </customHeaders>
    </httpProtocol>
</system.webServer>

In II6.

• Run inetmgr
• Expand [Server] > Web Sites
• Right clic in [Your site]
• Properties
• HTTP Headers
• Add...
• Custom header name: p3p
• Custom header value: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
• OK
• OK