Setting cookies across multiple domains

[Jason]

Well, it was bound to happen. I've gotten myself into a bind. I have a
pretty high-traffic site, and my old host simply couldn't handle it, so
I'm moving parts of the site to a different host. Sloppy, I know, but
this is a band-aid until I can set up a dedicated.

Anywho, here's my problem. When my visitor logs in, a cookie is set
that the rest of the site recognized to give them options and features.
But with a portion of the site on a different server entirely (and a
different domain), the cookie isn't recognized by the other domain.

Here's where it gets fun. Because of the way everything is written, the
login function is part of a LIB file that is shared by about 40
scripts. So I need to figure out a way to set 2 cookies (one for each
domain), but without using any modules (to do so would require
modifying all 40 scripts), without using pop-up windows (I can't create
a window in the middle of the process), and without using image tags to
call outside scripts.

I tried using the "domain" attribute when setting the cookie, but
that's not doing what I need. I've never used that attribute before, so
I really don't know if I'm using it correctly, nor do I really
understand its purpose.

Here is the the bit that I've been using up until now:

print "Set-Cookie: user=$username; path=/; expires=$expires\n";
sleep (1); # for some reason, the cookie wouldn't work immediately
unless I use sleep

I tried this modification, but to no avail:

print "Set-Cookie: user=$username; domain=.$domain_one; path=/;
expires=$_[2]\n";
sleep (1);

print "Set-Cookie: user=$username; domain=.$domain_two; path=/;
expires=$_[2]\n";
sleep (1);


Both work fine on the domain that sets the cookie, but not on the other
domain.

Is there any way to set a cookie for more than one domain, or am I just
dreaming?

TIA,

Jason

 

[usenet]

Is there any way to set a cookie for more than one domain, or am I just
dreaming?

I'm not trying to "beat up" on you here, but I want to point out that
you posted your question in a Perl programming newsgroup. Granted,
your application might be written in Perl, but you question is really
an HTML-type question and is not really specific to the Perl
programming language (or even the CGI.pm module). You would probably
have better success finding the answer to your problem in an HTML or
webmaster's newsgroup (If there is an even is an answer to your
problem, and, IMHO, there is not, because that's how cookies are
supposed to work, for many good reasons).

If you can do it in HTML then you can do it in Perl. But I don't think
you can do it in HTML, but I don't really know, as this is not an HTML
newsgroup and I am not an HTML expert.

 

[Jason]

I'm not trying to "beat up" on you here, but I want to point out that

you posted your question in a Perl programming newsgroup.

I understand, David, and would usually be right there with you. I
posted it to CLPM because I thought there might be a Perl-specific
solution.

Plus, it's 5am and I've been working on this for 18 hours, and my brain
is toast.

J

 

[Brian Wakem]

Well, it was bound to happen. I've gotten myself into a bind. I have a
pretty high-traffic site, and my old host simply couldn't handle it, so
I'm moving parts of the site to a different host. Sloppy, I know, but
this is a band-aid until I can set up a dedicated.

Anywho, here's my problem. When my visitor logs in, a cookie is set
that the rest of the site recognized to give them options and features.
But with a portion of the site on a different server entirely (and a
different domain), the cookie isn't recognized by the other domain.

Here's where it gets fun. Because of the way everything is written, the
login function is part of a LIB file that is shared by about 40
scripts. So I need to figure out a way to set 2 cookies (one for each
domain), but without using any modules (to do so would require
modifying all 40 scripts), without using pop-up windows (I can't create
a window in the middle of the process), and without using image tags to
call outside scripts.

I tried using the "domain" attribute when setting the cookie, but
that's not doing what I need. I've never used that attribute before, so
I really don't know if I'm using it correctly, nor do I really
understand its purpose.

Here is the the bit that I've been using up until now:

print "Set-Cookie: user=$username; path=/; expires=$expires\n";
sleep (1); # for some reason, the cookie wouldn't work immediately
unless I use sleep

I tried this modification, but to no avail:

print "Set-Cookie: user=$username; domain=.$domain_one; path=/;
expires=$_[2]\n";
sleep (1);

print "Set-Cookie: user=$username; domain=.$domain_two; path=/;
expires=$_[2]\n";
sleep (1);


Both work fine on the domain that sets the cookie, but not on the other
domain.

Is there any way to set a cookie for more than one domain, or am I just
dreaming?

You cannot set a cookie for another domain.

You can work around it though. If the login script is the only one that
sets the cookie, you could set the cookie, do a 302 re-direct to a script
on the other domain which sets the same cookie on that domain and then
re-directs you back to where you were.

 

[Gunnar Hjalmarsson]

I'm not trying to "beat up" on you here, but I want to point out that
you posted your question in a Perl programming newsgroup. Granted,
your application might be written in Perl, but you question is really
an HTML-type question and is not really specific to the Perl
programming language (or even the CGI.pm module). ...

Actually, the OP's question is even less an HTML question than a Perl
question. While Perl can be used to handle cookies, HTML cannot. One
appropriate group to refer this kind of questions is
comp.infosystems.www.authoring.cgi

However, I believe that Brian provided a workable solution.