tags:

views:

93

answers:

1
Q: 

Cross-Domain Cookie Problem

Hi Guys,

I have a domain A.com [my website] and a remote website B.com which integrates an iframe from my domain [A.com] with a piece of javascript.

I want to share cookies across these domains [within the iframe]? How would I go about doing this so it works properly? I thought A.com and B.com are in the same-origin policy ?

A: 

How is a.com and b.com same origin? They are different domains. You can't share cookies that way. For example:

  • example.com
  • fritters.com

Can not share cookies even if fritters.com is in an iframe inside example.com.

  • fred.example.com
  • www.example.com

can share domain cookies because they are both the same domain (example.com) but have different subdomains, so you can assign the cookie to *.example.com.

Erik  2010-05-31 07:37:49
thanks for the response. i thought the iframe and A.com were in the same-origin policy ? since the iframe is loading content from a.com?
Frederick  2010-05-31 09:57:32
is it possible to then share cookies between something served FROM example.com inside an iframe on fritters.com ?
Frederick  2010-05-31 10:02:30
No, its not. No matter what example.com cookies can only be accessed by javascript running on a page on example.com. It doesn't matter if fritters.com frames example.com's page, fritters.com NEVER gets access to example.com's cookies. Same origin policy means exactly that - the cookie is only available to the domain which originated it.
Erik  2010-05-31 10:42:25
hey - i thought P3P policy would allow this exact type of thing to occur ?
Frederick  2010-05-31 13:54:49

related questions

Cross Browser Flash Detection in Javascript
Which web browsers natively support Array.forEach()
What's the CSS Filter alternative for Firefox?
How to get a reference to the currently focused form field in JavaScript?
Testing for multiple screens with javascript
What can cause mutated Flash display like this?
Why do Chrome, Firefox and IE all render fixed-width SELECT controls differently?
Seeking CSS Browser compatibility information for setting width using left and right
Retrieve Web Browser Stored Form Data?
Removing blotchiness on transparent PNGs filtered with additional opacity in IE
What Cross-Browser Javascript Libraries Are Out There?
What are all the valid self-closing tags in XHTML (as implemented by the major browsers)?
What debug logging tools are available from Javascript?
What is the simplest and best tool for real-time tweaking of CSS in IE6, similar to what Firebug does for Firefox?
CSS "frameworks" that account for browser irregularities?
Does "display: marker" work in any current browsers, and if so, how?
In HTML, what should happen to a selected, disabled option element?
Developing a online exam application, how do I prevent cheaters?
Is there a browser equivalent to IE's ClearAuthenticationCache?
How do I get the coordinates of the caret in text boxes?
When do you use sIFR?
What is your experience using the TIBCO General Interface?
Displaying vector graphics in a browser
How important is W3C XHTML/CSS validation when finalizing work?
What is the best way to create rounded corners using CSS?