Can you set a cookie only for domain.tld and www.domain.tld so that if you go to any other subdomain (bla.doamin.tld for example) the cookie won't be set?
+1
A:
Only if you specify .domain.tld a cookie works for all sub-domains. Setting the cookie for www.domain.tld AND domain.tld should be just what you need.
Matthias
2009-06-10 13:41:55
A:
I think this isn't possible. I would abstract your cookie-setting-functionality and just set two cookies. One for www.example.org and one for example.org.
Philippe Gerber
2009-06-10 13:46:04
A:
You can do this. It's mentioned in this cookie spec: http://curl.haxx.se/rfc/cookie_spec.html
When searching the cookie list for valid cookies, a comparison of the domain attributes of the cookie is made with the Internet domain name of the host from which the URL will be fetched. If there is a tail match, then the cookie will go through path matching to see if it should be sent. "Tail matching" means that domain attribute is matched against the tail of the fully qualified domain name of the host. A domain attribute of "acme.com" would match host names "anvil.acme.com" as well as "shipping.crate.acme.com".
Joe Freeman
2009-06-10 13:53:51