6 Replies Latest reply on Dec 20, 2006 2:13 AM by Joe_Krako

    Can 2 websites share the same cookie?

    Joe_Krako
      Hi,

      Can two different websites share the same cookie?

      For example, Blah-Forums.com and Blah-Store.com are interlinked and share the same
      audience. When a person signs on at Blah-Forums.com, I want to make it so that he/she
      can move to Blah-Store.com and retrieve their cart items from Blah-Store.com without having
      to sign on again.

      Can this be done?

      Thanks in advance,

      Joe








        • 1. Re: Can 2 websites share the same cookie?
          Level 7
          No, websites can not share cookies unless they are subdomains on the
          same domain. This is by design of the cookies.

          But there are ways to share information to create single point login
          systems.
          • 2. Re: Can 2 websites share the same cookie?
            MikerRoo Level 1
            Also, If the sites happen to share the same IP, they can share cookies.
            • 3. Re: Can 2 websites share the same cookie?
              Joe_Krako Level 1
              Hi MikerRoo,

              My websites will have the same IP address.
              How do I go about having them share cookies?
              Do I do something in the Application.cfm file?

              Thanks,

              Joe
              • 4. Re: Can 2 websites share the same cookie?
                Kronin555 Level 1
                Cookies get set, and are sent back, based on the domain name of the resource that is setting the cookie.

                If the page that sets the cookie was requested as:
                http://www.mydomain.com/foo.cfm
                then the cookie will be set on www.mydomain.com.
                (Note: alternately, you can specify that you want the cookie to be set on the domain without including the subdomain. In that case, the cookie would be set on mydomain.com and the browser would return that cookie for any requests to mydomain.com, or *.mydomain.com)

                If the page that sets the cookie was requested as:
                http://192.168.1.1/foo.cfm
                then the cookie will be set on 192.168.1.1.

                Web browsers only send cookies back to servers when the domain being requested matches one of the domains in one of the cookies. So a subsequent request to www.mydomain.com will send the first cookie, and a subsequent request to 192.168.1.1 will send the second cookie.

                Web browsers don't do a DNS lookup of the domain and also send the cookies corresponding to that IP address.
                • 5. Re: Can 2 websites share the same cookie?
                  MikerRoo Level 1
                  Like Kronin said, you have to have the browser request something from your IP rather than your domain.

                  You can make this less obvious with clever redirects and/or Ajax.

                  BTW, I don't recommend any of that, I was just pointing out one other way that sites could share cookies.

                  The simplest thing would be for you to choose domains carefully (forums.blah.com, store.blah.com, etc.). That way you could set cookies readable by anything at blah.com.

                  Otherwise, Ian was right to suggest you find a different way to provide a single-point sign in. There are a variety of schemes. Search around.

                  • 6. Re: Can 2 websites share the same cookie?
                    Joe_Krako Level 1
                    Thanks for all of the good information everyone.

                    Yeah ok, I guess I'll go with this:

                    www.Blah-Forums.com redirects to Forums.Blah.com
                    but with a skin that says Blah-Forums.com
                    www.Blah-Store.com redirects to Store.Blah.com
                    but with a skin that says Blah-Store.com

                    Thanks again everyone,


                    Joe