0

Hello I want to set crossdomain cookie using javascript.

So on domain localhost I can easily set cookie. So I load the page on localhost:300 and in the Browser's console I type:

document.cookie = "my_cookie=works; Domain=localhost; path=/;"

This method works - I can see the cookie being set.

But now, I want to set cookie to a different domain from the same place:

document.cookie = "my_cookie=doesntwork; Domain=.hubspot.com; path=/;"

And this time it doesnt work - I still have the old cookie value and domain:

enter image description here

I know that what I am trying to do is possible because I have seen it on many sites. For example if check the cookies on this site you will see many cookies with domain google but the domain is stackoverflow.com .

For example: enter image description here

So, how can I imitate/mimic this? I see some suggest using iframes - I tried without success - the cookies are still blocked. Please provide workable example (I believe 5 lines of code can do )

I want to open localhost page in my browser and run JS code that would put cookie with domain like .example.com. This is obviously possible. But I cant do it. I'm not trying to complete some job here - I just want to understand how the cool kids do it.

Hairi
  • 3,318
  • 2
  • 29
  • 68

2 Answers2

0

You cannot set a "cross-domain" cookie for security reasons. If this was possible, you'd be able to remotely sign people out of their accounts on other websites if they visited yours by overwriting their cookie for their site. The cookies you are seeing on pages like StackOverflow are because that page includes resources from that server. For example, you can see imgur cookies on this page since the image you linked to is hosted there.

James Paterson
  • 2,652
  • 3
  • 27
  • 40
  • How can I create a resource that saves cookies on other sites which include my source? Ok I will create such resource if needed. But how to do this? I know that some sites provide code snippet (such as tracking code) that sets cookies on other sites. The other site includes this JS code snippets and the cookies are set. But how this code works? – Hairi Dec 10 '20 at 17:27
  • You would need to include that page in your own through an iframe, or another network request, and then set the cookie in that domain. EG: when you include an image from imgur, it's imgur who are setting the cookie for their site, not SO. – James Paterson Dec 10 '20 at 17:34
  • Ok, let me put it this way. What JS code should I run in order to make a cookie for different oigin to appear in the Browser->dev view->Application-Cookies. For example I hit F12 on localhost page and I want in the cookies to appear cookie like this .example.com . – Hairi Dec 11 '20 at 12:18
0

SORRY FOR MY BAD ENGLISH!

There is no such thing as a cross-domain cookie that said you can get the same tracking functionality with sharing a cookie.

for example we want to track a user in our ad network across affiliated sites.

our tracking endpoint is : https://tracking.a.com here we set a deviceid in the cookies. Our Affiliated Webmaster b.com adds a javascript which adds an iframe to the page. iframe loads somecontent from a.com hence the cookies are shared then you can inside the iframe send the users current location ( b.com/shop ) to a tracking endpoint and attach deviceid cookie which can only be accessed by webpage on a.com. now deviceid or user can be related to the affiliate website and their intrests can be pridicted - but it is illegal - and safari deletes these cookies

Kabeer Jaffri
  • 652
  • 1
  • 9
  • 9