-1

I have a simple html page served from my local machine by an app running on port 8000, using the domain appdev.my_company.com.

The same app serves an API from the domain appcenter.my_company.com.

I have an endpoint in said API which sets a session cookie header that looks like this:

Set-Cookie:gac_3_6e...="VC1_69...=="; Domain=.my_company.com; Path=/

I made an ajax request to said endpoint, from the static page, hoping that the cookie would be set since the domain is the same (only the subdomain differs):

/* In http://appdev.my_company.com:8000 */
$.ajax({
    url: "http://appcenter.my_company.com:8000/login/",
    method: 'POST',
    data: JSON.stringify(data),
    success: function(){
        console.log("logged in");
    },
    headers: {
        "Content-Type": "application/json"
    }
});

But it doesn't.

The cookie needs to be associated in the browser window with the current domain, because we need to reload a plugin that picks up this cookie (the cookie comes from a thrid party server).

How can I get this cookie to be registered in the browser? If I look into the resources tab of the web console, no cookie shows up.

I took a look at domain matching of the RFC6265, and it appears this should work.

What can be wrong in this case?

Community
  • 1
  • 1
Alvaro
  • 11,797
  • 9
  • 40
  • 57
  • 1
    Different ports = different domains. You can't share cookies between different domains. Sorry. You'd need to use cross-window events with a frame on that different domain and something like `window.postMessage` to get the data. – Benjamin Gruenbaum Oct 01 '15 at 19:23
  • @BenjaminGruenbaum sadly the ports have nothing to do with it, according to RFC6265 – Alvaro Oct 02 '15 at 16:56

1 Answers1

1

Please checkout CORS. This is the exact problem they try to solve. The only other way (to my knowledge) is to proxy the requests to the other source via your server.

Prashant
  • 1,002
  • 13
  • 29