Forum Discussion
Altostratushow to insert cookie for 2 domains
in HTTP::response event HTTP::cookie insert name "test" value "00" path "/" domain "x.com"
besides this,I also want this cookie "test" be set in domain "xy.com"
is the second cookie test is based on session,there is no session for it(new domain),what will happen?
per my understanding,session based cookie is for the exact session which get this cookie
if there is a cookie for a new domain,how to understand this session based cookie?
1:for example domain is .xy.com
I got this cookie from 1.xy.com,what will happend if I visit 2.xy.com?
or
2:I got this cookie test xy.com domain,but the session for I got it is (my laptop -------- 1.x.com)
3:even I use
HTTP::cookie insert name "test" value "1" path "/" domain "x.com"
HTTP::cookie insert name "test1" value "1" path "/" domain "xy.com"
it seems when trying to visit 1.xy.com,cookie is not included in http request header
thx in advance
4 Replies
hoolioCirrostratus
Hi Robbie,
By design, one web service can't set a cookie for a different domain. See these wiki pages for details:
http://en.wikipedia.org/wiki/Same_origin_policy
http://en.wikipedia.org/wiki/HTTP_cookie
Do you own both domains? If so, you could potentially use an HTTP redirect to force the client to make a request to xy.com after they make a request to x.com:
HTTP::respond 302 Location "http://site2.xy.com/index.html" Set-Cookie "my_cookie_name=my_cookie_value; Domain=.x.com; Path=/"
This would send a 302 redirect to an xy.com subdomain with a cookie set for x.com.
Aaron
Robert_47833hi,Aaron
great to see your reply
yes,I just found this ,for security reason,it is not allowed
yes,I own both domains.all I want to do is ,let broswer or client cache cookie for xy.com when I visit x.com domain. and carry this cookie when hit xy.com(or whatever header which can act simliar as cookie)
reriect to xy.com page is not expected behavior.
I will try your solution,but ,http::redirect will redirect user brosswer to another page,is it?
seems I need to do steps below:
1:when HTTP_RESPONSE {
HTTP::respond 302 Location "http://site2.xy.com/index.html"
HTTP::cookie insert name xxxx
}
right?
2:set cookie for xy.com in its irule which applied to site2.xy.com,right?
3:would u kindly help me to understand session cookie,for example.when I hit 1.x.com ,cookie x.com is saved,if I hit 2.x.com,it is totally a different session- hoolioSorry for not completing the thought. The HTTP::respond command would be used on the x.com virtual server to send a redirect to xy.com and set a cookie for x.com. You'd want to use a specific URI in the redirect and probably set a session ID in a parameter value:
HTTP::respond 302 Location "http://site2.xy.com/set_session?sessionid=abcd" Set-Cookie "my_cookie_name=my_cookie_value; Domain=.x.com; Path=/"
On the xy.com virtual server you'd want to check for requests to /set_session and parse the sessionid parameter value. You could then set a cookie on the xy.com domain with the same value. You could then redirect the client back to the original x.com subdomain with the client then having two separate sessionid cookies set to the same value.
Does that make more sense?
Aaron - Robert_47833wooo,great thx,Aaron
you always have solution
so in HTTP::request event,x.com irule redirect client to xy.com with cookie set for x.com ,then in xy.com irule HTTP::request event,it redirect it back to x.com with cookie set for xy.com.
once this is done,request with cookie set goes to normal process,right?
