Cookies/Sessions across subdomains?

Forum Moderators: coopster

Message Too Old, No Replies

Cookies/Sessions across subdomains?

httpwebwitch

2:37 pm on Sep 24, 2010 (gmt 0)

I have a site at www.example.com (yes I do)

When the user signs in, it starts a session, drops a cookie.

I need the user to be signed in still, when they navigate to www2.example.com and www3.example.com etc.

But alas, the cookie doesn't exist on thosee subdomains. The user presumably has to sign in / start a session at each one separately.

The solution mentioned elsewhere is to add this to my .htaccess:


php_value session.cookie_domain .example.com

I had high hopes for that solution but it doesn't seem to work. I made that change, and still the PHPSESSID is not being sent when I request www2 or www3

I dunno what I'm missing here

optik

9:28 pm on Sep 24, 2010 (gmt 0)

certain browsers wont allow you to use cookies across sub-domains, you have to pass the ID of the session to the page on the sub domain and then start a new PHP session using that ID, that way it is the same session.

LifeinAsia

9:37 pm on Sep 24, 2010 (gmt 0)

According to what I have read and my experience, sharing the cookie across subdomains hasn't been an issue. I'm not sure how to set it up with PHP, but that notation (.example.com) sounds right. There might be an issue with the cookie appearing for www.example.com and sub1.example.com, but not example.com. (We redirect all example.com to www.example.com, so I can't test.) We've had no problems (so far) with IE, FF, and Chrome.

optik

9:51 pm on Sep 24, 2010 (gmt 0)

The problem is with Safari, possibly other I don't know though.

httpwebwitch

3:30 am on Sep 25, 2010 (gmt 0)

great news

the .htaccess thing didn't work, but this did:

add this one line immediately before calling session_start()

session_set_cookie_params(60*60,"/",".example.com",false,false);

now my cookies are shared across all the subdomains. I'll try it in a bunch of different browsers, but right now I know it's working in FireFox and Chrome on Mac.

optik

9:54 am on Sep 25, 2010 (gmt 0)

try it on Safari, it wont work!

httpwebwitch

7:32 pm on Sep 27, 2010 (gmt 0)

Actually @optik, on Safari it's working fine

Safari Version 5.0.1 (6533.17.8)

running on MacBook Pro, OS X version 10.6.4

I haven't tried my Windows browsers yet (IE, FF, Chrome)

optik

9:16 pm on Sep 27, 2010 (gmt 0)

maybe it's just when switching to https sub-domains, or maybe fixed in version 5 but there is/was definitely an issue with Safari.

httpwebwitch

10:46 pm on Sep 27, 2010 (gmt 0)

Confirmed: works fine in IE and FF on Windows XP.