Session cookies lack the ability to set the domain #104

Open
cimmanon opened this Issue Feb 7, 2014 · 3 comments

Comments

Projects
None yet
3 participants
@cimmanon

cimmanon commented Feb 7, 2014

The site I'm working on makes use of subdomains. We would like to allow our users to login once and have that session persist across all subdomains in addition to the primary domain. Currently, session cookies are set for the domain that was used when the session was started.

@ozataman

This comment has been minimized.

Show comment
Hide comment
@ozataman

ozataman Feb 8, 2014

Member

I am not even sure if what you suggest is possible. Can a cookie have more than one domain? I've never had to do it that way, so I'm not sure. You typically end up playing some iframe tricks to achieve that kind of cross-domain integration...

Member

ozataman commented Feb 8, 2014

I am not even sure if what you suggest is possible. Can a cookie have more than one domain? I've never had to do it that way, so I'm not sure. You typically end up playing some iframe tricks to achieve that kind of cross-domain integration...

@ghost

This comment has been minimized.

Show comment
Hide comment
@ghost

ghost Feb 10, 2014

You just set the cookie's domain to .example.com and it will be sent to all subdomains of example.com.

ghost commented Feb 10, 2014

You just set the cookie's domain to .example.com and it will be sent to all subdomains of example.com.

@sopvop

This comment has been minimized.

Show comment
Hide comment
@sopvop

sopvop Jun 4, 2015

Contributor

@amontague is absolutely right here. rfc6265

Contributor

sopvop commented Jun 4, 2015

@amontague is absolutely right here. rfc6265

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment