You can't do it with mod_alias (Redirect 301), but you can do it with mod_rewrite.

Use a RewriteCond to examine %{HTTP_COOKIE}, extract the data that needs to be passed, and then back-reference that subpattern in the query string of the RewriteRule's substitution URL using %1, %2, etc. as needed.

Make sure you're not 'exposing' any data to the other server (and all network nodes in-between) that might be considered 'private.' If you do, then this needs to be detailed in your privacy policy pages (both html and xml), and in your compact privacy policy headers. If you do business in the E.U., be very careful, as their laws are quite strict.

I'm giving this detailed heads-up because normally cookie data is available *only* to the domain that sets the cookie. And in this case, you may be essentially short-circuiting users' control over their cookie data. A court summons from Amsterdam or Brussels can be expensive -- even if just considering the air-fare and time lost...

Jim

Also be aware that someone arriving at the second site, saying they had a valid cookie value from the other site may not have actually have one.

In other words this could be quite easy to fake - unless you take extra steps to ensure that the other site really did issue the value you are given.

Hmm, no worries about exposing data, but it does seem a little fraught with pitfalls. I'll give it a whirl and see how I go. Thanks for your replies guys :-)