Cookies in ASP

Forum Moderators: open

Message Too Old, No Replies

Cookies in ASP

.domain attribute

mattglet

1:56 pm on May 8, 2003 (gmt 0)

does anyone have any experience using the .domain attribute of the response.cookies collection? i have been through MUMEROUS sites trying to get a glimpse on how this works. i have seen a few sites that say you can't set the .domain attribute to something outside of your site, although i challenge their credibility. other sites say that you can assign ANY domain. but my problem is that all the major reference sites don't say either way!

does anyone have any input?

-Matt

BlobFisk

11:32 am on May 9, 2003 (gmt 0)

Hey mattglet,

I've never used it myself, but there are some interesting and (hopefully) helpful pages returned by Google [google.com].

You probably can set the cookie to any domain, but then that cookie will only be readable by that domain.

mattglet

1:46 pm on May 9, 2003 (gmt 0)

blobfisk-
that's the whole idea :)

- although i do very much appreciate your try, i have already been through NUMEROUS sites trying to figure this one out (as stated in my primary post). i'm trying to get some advice from someone who has had personal experience. thanks for your help otherwise.

-Matt

makeupalley

5:29 am on May 10, 2003 (gmt 0)

Hi There,

I'm new here but maybe I can help.

REM *** Begin Example ***

Response.Cookies("MyCookieName") = "This is the value to be stored"
Response.Cookies("MyCookieName").Domain = ".mydomain.com"
Response.Cookies("MyCookieName").Path = "/"
Response.Cookies("MyCookieName").Expires = date+365

REM *** End Example ***

This example will set a cookie named "MyCookieName" valid
for all sub domains of mydomain.com for one year from the date it was set.

If you want the cookie to only be valid for www.mydomain.com
set that to be the cookie domain.
As its set up in the example the cookie will be sent to your server even if you're using something like
www1.mydomain.com
www2.mydomain.com
foo.mydomain.com

Hope this helps,

Elky

[edited by: Woz at 5:42 am (utc) on May 10, 2003]
[edit reason] no sigs please. [/edit]

mattglet

11:24 pm on May 13, 2003 (gmt 0)

thanks for the reply, BUT...

can you get it to work having .domain = "notyourdomain.com"?

that's the main thing i'm trying to figure out. i don't need it to read from MY domain, i need it to read from a totally different domain. just wondering if anyone's made this work, or if it's even possible.

-Matt

makeupalley

11:51 pm on May 13, 2003 (gmt 0)

This is not what the RFC details:

4.3.4 Sending Cookies to the Origin Server
When it sends a request to an origin server, the user agent sends a Cookie request header to the origin server if it has cookies that are applicable to the request, based on

Domain Selection
The origin server's fully-qualified host name must domain-match the Domain attribute of the cookie.

What I think you're trying to do can not be done.You can not read cookies set by other domains.
Just my humble opinion based on the information you provided.

Elky

mattglet

8:42 pm on May 12, 2003 (gmt 0)

well, the information you have provided is accurate, but nothing has been solved, in my eyes.

Domain Selection
The origin server's fully-qualified host name must domain-match the Domain attribute of the cookie.

nothing in there says that you cannot write a cookie to be read by another domain, or that you cannot read a cookie written by another domain. all it says is that the host-name must match the domain attribute of the cookie.

as you can see, this is a tough topic to resolve, which is the whole reason i have posted here. you almost got it Elky, but not quite :)

-Matt

makeupalley

10:51 pm on May 14, 2003 (gmt 0)

try this link.

[softartisans.com...]

Cookies in ASP

.domain attribute

mattglet

BlobFisk

mattglet

makeupalley

mattglet

makeupalley

mattglet

makeupalley

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week