Welcome to WebmasterWorld Guest from 54.146.194.42

Forum Moderators: incrediBILL

Message Too Old, No Replies

Cookies Across Multiple Domains

How let other domains access Cookies

     
7:22 am on Dec 20, 2008 (gmt 0)

New User

5+ Year Member

joined:May 14, 2008
posts: 9
votes: 0


When I log into Gmail, Blogger.com also is aware of my logged in session.
Same with Yahoo-Mail & Flicker.

How do they do this? I assume with Cookies, but isn't it pretty difficult to allow one domain to access another domain's cookie?

thanks
(sorry if this is the wrong forum-subject, I really wasn't sure but figured it applied equally to all server-side languages and maybe occurred more on the browser side)

6:18 pm on Dec 20, 2008 (gmt 0)

Senior Member

WebmasterWorld Senior Member eelixduppy is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Nov 12, 2005
posts:5966
votes: 0


You have to keep a database with session IDs to compare. You are correct in that one domain cannot access cookies of another domain like that.
10:49 pm on Dec 20, 2008 (gmt 0)

New User

5+ Year Member

joined:May 14, 2008
posts: 9
votes: 0


Would you explain this a little more? Or point me to a tutorial that could talk about this?

How would the programming language being used (I understand PHP & Java examples the best) know that how to match up the session with one domain-computer combo to another domain-computer combination?

thanks

11:42 pm on Dec 20, 2008 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Nov 3, 2005
posts:1585
votes: 0


It may rely on the two servers in question talking to each other.

Example, visit example1.com (server1), page returned contains request to example2.com (server2) with example1 cookie1 data encoded. Server2 informs Server1.

3:24 pm on Dec 21, 2008 (gmt 0)

Preferred Member

5+ Year Member

joined:Nov 20, 2007
posts:585
votes: 0


I assumed it did this by running an iframe or javascript within the page all from google.com domain.
3:44 pm on Dec 21, 2008 (gmt 0)

Full Member

10+ Year Member

joined:May 24, 2002
posts:284
votes: 0


they set up a cookie for each domain when you log in. you log in on domain A then they setup a cookie to domain A, domain B and so on...
11:01 am on Dec 22, 2008 (gmt 0)

New User

5+ Year Member

joined:May 28, 2008
posts: 17
votes: 0


I would have thought if they are owned by the same company there on the same server so flickr is actually. Yahoo.com/flickr so its actually on the same server?
5:51 pm on Dec 22, 2008 (gmt 0)

New User

5+ Year Member

joined:May 14, 2008
posts:9
votes: 0


no, I don't believe its a subdirectory within the server. Google offers so many services, one server would become very crowded very fast.
------------
Setting up a cookie/session for each domain at login is an interesting idea. And I do believe I see some things similar to this happening.

What if I have 100 domains? I may not want to establish 100 sessions/cookies. Just allow the user into one of the other domains as they feel the need to hit those other domains.

The insights have been great. I've started calling what I'm asking for "multiple domain session" and googling that has yielded some results. I look forward to your help in clarifying this further.

2:01 am on Jan 5, 2009 (gmt 0)

Full Member

10+ Year Member

joined:Jan 13, 2004
posts:208
votes: 0


Assume that there is a YouTube video embedded on a web page. Before you even click to view the video, you get several YouTube cookies.

About ten seconds after you click and start watching, the Flash code behind the YouTube video phones home to google.com and your standard Google cookie with the globally unique ID is offered up to Google. By watching it on a packet sniffer, you will see that the GET request from your browser to google.com includes the URL of the page you are on, as well as the ID of the YouTube video you are watching.

It happens on Obama's change.gov site, as well as on youtube.com itself. It happens everywhere you see an invitation to watch a YouTube video.

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members