using cookies across domain?

Question

Possible Duplicate:
cross domain cookies

I need a cookie to be available across multiple domains. I know you can't do it directly but am I able to do something like this:

• user visits domain1
• domain1 does a curl post to domain2
• domain2 checks whether a cookie called 'someCookie' is already set. If it is then it returns some data to tell domain1 that it is already set, if not it returns some data to say its not set.
• Now domain1 knows whether the cookie for domain2 is set or not

So basically domain2 always handles the cookie and just reports back to the other domains whether or not it is set or not. I will also need to set it from domain1 by calling a script on domain2 that sets the cookie.

I don't know if any of this is possible but please let me know

Answer 1

someCookie is data storage on CLIENT not on the server... so as long as the client doesn't load in the browser window or an iframe a page from domain2 there will be no cookie. Keep in mind that some browsers block cookie creation from iframes.

Answer 2

the problem with your suggested solution is that cookies are saved at the client side. Thus, domain1 cannot simply contact domain2 to ask if a cookie exists.

What you can do is having an iframe to domain2. Domain2 reads the cookie and sends some notification to domain1, telling domain1 that client X just accessed domain2 and has or has not the cookie set. However, this is a very hacky solution which will not work on all browsers.

Passing data from one domain to another is a very complex task. The browser support for such things is very limited, since these things are usually used for malware purposes (cross site scripting). So, browsers intentionally limit the possible solutions in this case.

Answer 3

Cookie can not be shared with different domain, but it is not subdomain, change it will work.

Try to some thing like

http://domain1.com/authenticate?token=tekrjadfjhad&action=auth

and validate token and action or anything else as per your logic.