9

Is there a way to share cookies across different domains and different applications (classic ASP and ASP.NET)

John Saunders
  • 160,644
  • 26
  • 247
  • 397
A.Salam Alasaadi
  • 167
  • 1
  • 2
  • 11
  • 2
    I know this has been answered already, but I was recently wondering the same thing and there ways to do this. You can see detailed explainations and examples [here](http://stackoverflow.com/questions/263010/whats-your-favorite-cross-domain-cookie-sharing-approach), [here](http://answers.google.com/answers/threadview/id/742376.html) and [here](http://www.15seconds.com/issue/971108.htm). – xzyfer Mar 04 '11 at 16:58

3 Answers3

20

No, there isn't.

The issue is the cross domain one, rather than the asp.net/classic asp and is security reasons.

If the domains are subdomains you can share the cookies, provided you use a cookie path that both can access (ie. for the domain sub.example.com you can read and write cookies using the example.com domain).

Oded
  • 489,969
  • 99
  • 883
  • 1,009
  • Does that mean that everything can share cookies with the root zone, from which everyone inherits cookies? If not, where are the boundaries, and how is that determined? Does foo.co.uk share with bar.co.uk? Can x.foo.uk share with y.foo.uk? – Jonas Kölker May 13 '15 at 15:39
  • @Jonas - if the cookie domain is set to `foo.uk`, then any subdomain will share it. That's how it works. – Oded May 13 '15 at 15:46
  • [Here](http://stackoverflow.com/a/19546680/2218697) is post with image tag , is that a **better solution** ? – Shaiju T Dec 13 '16 at 09:35
  • @stom - this isn't cookie sharing. It is copies of cookies on three separate domains. If one cookie changes, it doesn't change the others. – Oded Dec 13 '16 at 10:16
  • Thanks, do you mean copies of cookies with same name in 3 separate domains ? and will that solution be better for `SSO` across domains ? – Shaiju T Dec 13 '16 at 10:45
  • 1
    @stom - yes, that's essentially what's happening. For SSO, you would need to keep the three synchronised with each other at all times via a central location (how you do that... so many ways, including the images one you linked to). – Oded Dec 13 '16 at 10:47
  • ok , is my question is related to your original answer and is it advisable to upvote your answer , you have answered my question in comments ? – Shaiju T Dec 13 '16 at 10:50
  • @stom - it is related, but is tangential. If you want to upvote, I'm not stopping you ;) – Oded Dec 13 '16 at 11:03
6

You can share cookies via some behind the scenes communication between servers, or through querystrings.

Both are ill advised, unless the information in the cookies is harmless (but be aware that harmless looking data quite often isn't actually harmless).

Native support for accessing cookies is not possible cross domain, and probably will never be for security reasons.

Tom Gullen
  • 61,249
  • 84
  • 283
  • 456
-4

you can use cookie convertor which save all the cookies in the share database and try to recreate them again.

Reza
  • 414
  • 2
  • 6
  • 18