ansaurus

Question

Getting setting cookies on different domains, with javascript or other

Answer 1

+1 A:

You could inject a script element into HEAD of the document with a callback that passes the cookie you need to whatever function needs it.

Something like:

 <script type="text/javascript">
   var newfile=document.createElement('script');
   newfile.setAttribute("type","text/javascript");
   newfile.setAttribute("src", 'http://first.com/doAjax?getCookie&amp;callback=passCookie');
   document.getElementsByTagName("head")[0].appendChild(newfile);
 </script>

And the page first.com/doAjax?getCookie could do this:

     passCookie({'name':'mycookie', 'value':'myvalue'});

Ryan Doherty 2008-12-31 05:20:53

Apparently this method only works in Firefox, i tested it in Safari and IE6, both didnt seem to be able to set/get cookies...

Luca Matteis 2008-12-31 23:20:27

Answer 2

A:

I cant use the script tag to read cookies from a different domain, right? I need to actually be on first.com to actually read its cookies, i cant just add a script tag to second.com to get the cookieData... therefore i need to use an iframe, or i dont know...

Maybe i didnt understand your answer, let me know.

Luca Matteis 2008-12-31 05:49:43

You aren't technically using a script tag to read the cookie values, the script is included into your page, therefore it is in the same scope and can call any function on second.com

Ryan Doherty 2008-12-31 06:28:51

Okay, but the script tag evaluates itself on second.com, therefore reading the cookies from second.com, not first.com

Luca Matteis 2008-12-31 16:33:17

Yes, it is evaluated, but the *contents* of the script is generated on first.com, therefore it can pass the cookie values to second.com

Ryan Doherty 2008-12-31 19:50:20

what really? does that work for setting cookies as well? is it cross-browser?

Luca Matteis 2008-12-31 20:16:58

ok thanks, i tested it and it amazingly worked! wow!

Luca Matteis 2008-12-31 22:00:57

Now I know the result of the script tag gets evaluated in the global scope, but what if im returning plain JSON like {"one":"hi"}, how am i suppose to call that if its in the global scope... i guess I could name the object like var myData = {"one":"hi"}, but maybe there's a better solution.

Luca Matteis 2008-12-31 22:02:44

Like i said above, this by the way only works in Firefox... any ideas?

Luca Matteis 2008-12-31 23:33:29

I have no idea what's going on, you'll need to do more debugging.

Ryan Doherty 2009-01-01 10:45:01

Answer 3

A:

Put this PHP-File to first.com:

//readcookie.php    
echo $_COOKIE['cookiename'];

On second.com you can use this javascript to get the value:

function readCookieCallback()
{
   if ((this.readyState == 4) && (this.status == 200))
   {
     alert("the value of the cookie is: "+this.responseText);
   } 
   else if ((this.readyState == 4) && (this.status != 200))
   {
     //error...
   }
}


function buttonClickOrAnything()
{
  var refreshObject = new XMLHttpRequest();
  if (!refreshObject)
  {
    //IE6 or older
    try
    {
      refreshObject = new ActiveXObject("Msxml2.XMLHTTP");
    }
    catch (e)
    {
      try
      {
        refreshObject = new ActiveXObject("Microsoft.XMLHTTP");
      }
      catch (e)
      {
        return;
      }
    }
  }
  refreshObject.onreadystatechange = readCookieCallback;
  refreshObject.open("GET", "http://www.first.com/readcookie.php");
  refreshObject.send();
}

Regards, Robert

Robert Wismet 2009-01-02 08:39:43

Im able to GET cookies fine with the method provided by Ryan Doherty, it seems like it SETs cookies as well on most of the browser except Safari.

Luca Matteis 2009-01-02 17:32:33

Answer 4

A:

For SETTING cookies you can change my script as follows:

The new PHP-Script:

//writecookie.php
setcookie($_GET['c'], $_GET['v']);

And the JavaScript:

function buttonClickOrAnything()
{
  var refreshObject = new XMLHttpRequest();
  if (!refreshObject)
  {
    //IE6 or older
    try
    {
      refreshObject = new ActiveXObject("Msxml2.XMLHTTP");
    }
    catch (e)
    {
      try
      {
        refreshObject = new ActiveXObject("Microsoft.XMLHTTP");
      }
      catch (e)
      {
        return;
      }
    }
  }
  refreshObject.open("GET", "http://www.first.com/writecookie.php?c=cookiename&amp;v=cookievalue");
  refreshObject.send();
}

That should work on all browsers.

Robert Wismet 2009-01-04 09:03:13

No, ajax calls aren't allowed cross-domain...

Luca Matteis 2009-01-04 17:39:38

Answer 5

A:

Hi all, I've exactly the same need and same access on first/second.com as you Luca. I've tryed Both Ryan's solution and Robert's one :

=> Ryan's works perfecly on Safari, Firefox, Chrome, but not on IE8 that never allows cookies to come or go unless you set security level to low in IE options. I've tryed to set P3P options on first.com side but nothing changed. Do you know a solution to bypass this IE8 specific issue ? I cannot decently tell people to change their security level if they use IE.

=> Robert's never retrieve the cookies the readcookie page is supposed to retrieve even if the page is correcly called. Any idea ?

Thank's a lot Vincent

Vincent Bontoux 2010-06-11 21:36:43

Hi, welcome at Stackoverflow! This isn't an answer. This is a question! Please post questions as questions by pressing `Ask Question` at right top. Feel free to include links to topics you found, but weren't helpful.

BalusC 2010-06-11 21:42:40

ansaurus

tags:

views:

answers:

Getting setting cookies on different domains, with javascript or other

related questions