S
Sam Ginko
I would like to know if it is possible to share Authentication cookies
between 2 url's with ruby. Does anyone know how to?
thanks
between 2 url's with ruby. Does anyone know how to?
thanks
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
M
Martin Boese
You can set the 'domain' (like: .example.org) and 'path' (like: /) arguments
to the cookie. This will make the browser to send the same cookie on
different domains and paths.
The ruby cgi library supports this.
See:
http://ruby-doc.org/stdlib/libdoc/cgi/rdoc/index.html
http://en.wikipedia.org/wiki/HTTP_cookie#Cookie_attributes
martin
to the cookie. This will make the browser to send the same cookie on
different domains and paths.
The ruby cgi library supports this.
See:
http://ruby-doc.org/stdlib/libdoc/cgi/rdoc/index.html
http://en.wikipedia.org/wiki/HTTP_cookie#Cookie_attributes
martin
S
Sam Ginko
Martin said:You can set the 'domain' (like: .example.org) and 'path' (like: /)
arguments
to the cookie. This will make the browser to send the same cookie on
different domains and paths.
The ruby cgi library supports this.
See:
http://ruby-doc.org/stdlib/libdoc/cgi/rdoc/index.html
http://en.wikipedia.org/wiki/HTTP_cookie#Cookie_attributes
martin
is this valid for to completely different url's
S
Sam Ginko
Martin said:You can set the 'domain' (like: .example.org) and 'path' (like: /)
arguments
to the cookie. This will make the browser to send the same cookie on
different domains and paths.
The ruby cgi library supports this.
See:
http://ruby-doc.org/stdlib/libdoc/cgi/rdoc/index.html
http://en.wikipedia.org/wiki/HTTP_cookie#Cookie_attributes
martin
is this valid for two completely different url's sharing the same
database i:e www.whatever.com and www.myurl.com
M
Martin Boese
No, this is a http restriction implemented at the user agent (browser).
RFC 2109:
8.3 Unexpected Cookie Sharing
A user agent should make every attempt to prevent the sharing of
session information between hosts that are in different domains.
Embedded or inlined objects may cause particularly severe privacy
problems if they can be used to share cookies between disparate
hosts. For example, a malicious server could embed cookie
information for host a.com in a URI for a CGI on host b.com. User
agent implementors are strongly encouraged to prevent this sort of
exchange whenever possible.
RFC 2109:
8.3 Unexpected Cookie Sharing
A user agent should make every attempt to prevent the sharing of
session information between hosts that are in different domains.
Embedded or inlined objects may cause particularly severe privacy
problems if they can be used to share cookies between disparate
hosts. For example, a malicious server could embed cookie
information for host a.com in a URI for a CGI on host b.com. User
agent implementors are strongly encouraged to prevent this sort of
exchange whenever possible.
Ask a Question
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.
Similar Threads
Forum statistics
Latest Threads
-
How to Convert Excel Contacts to VCF File Format for iCloud?
- Started by nafaxay326
-
How to convert PST files to MBOX with attachments intact?
- Started by Regain@123
-
How to Convert Excel to VCF Format Quickly and Easily?
- Started by xayaci5906
-
How to migrate emails from Apple Mail to Outlook?
- Started by Regain@123
-
Import PST Files to Office 365
- Started by justinchapman
-
How to convert Excel to vCard without losing contact details
- Started by komaji8303
-
Import MBOX Files to Hotmail Account-[Effortless Method]
- Started by franklinshaw
-
Changing header image size
- Started by beluga
-
Eclipse is not making the binaries
- Started by 357mag
-
Beginner. Visual studio wont open with live server
- Started by Tren78