Frameset missing cookies

[Sanjib Biswas]

Hi,



I have an ASP.Net application that runs in the localhost (site-A).
With-in the .cs file I am accessing another site (site-B) that returns me
cookies. I am also able to do a Post on that site and its working. But when
I set the returned cookies from site-B in the response header, the cookies
are not visible in site-A. How do I get around to this problem?



I have noticed that if both site-A & site-B are on the same host then site-A
is able to see the cookies set by site-B.



Pseudo code

=========

site-A (GET)

site-B (GET)

Cookies set

site-B (POST)

set cookies in the response header

write the data (received from POST request - contains frameset)



Response.AddHeader("P3P", "CP=\"CAO PSA OUR\"");
Response.Cookies["system"].Value = "prod";
....
// write the page to the browser
Response.Write(result);

Sniffing HTTP packets reveals that, response header request of site-A has
the P3P policy header and the cookies. But site-A is unable to set the
cookies in subsequent calls to retrieve the content from the frames.

Thanks
Sanjib

 

[bruce barker]

thats correct, browser security requires that cookies are only shared
between site with the same domain (or sub domain) specfied when the
cookie is created. there must at least one dot in the subdomain.

-- bruce (sqlwork.com)