0

I have some domain example.com. User logs in from the example.com and I want to set cookies for subdomains foo.example.com, bar.example.com etc. When I try to set it like such:

setcookie($cookie_name, $token, $expires, '/', '.example.com');

I got an error "Set-Cookie was blocked because its Domain attribute was invalid with regards to the current host url" in my Chrome 92.

When I try to make it with samesite=none:

    setcookie($cookie_name, $token, [
        'expires' => $expires,
        'path' => '/',
        'domain' => '.example.com',
        'secure' => true,
        'httponly' => true,
        'samesite' => 'None'
    ]);

I have the same error in my Chrome 92.

I didn't test it with https yet. Is it possible to set cookie for subdomain for HTTP?

Alex Rsk
  • 93
  • 1
  • 7
  • Does this answer your question? [Setting cookie for subdomain with php won't work](https://stackoverflow.com/questions/9082033/setting-cookie-for-subdomain-with-php-wont-work) – sohail amar Oct 14 '21 at 14:08
  • No, this is obsolete method. Prefix "." is not work anymore, that's why I asked my question. – Alex Rsk Oct 14 '21 at 14:11
  • _"with regards to the current host url"_ - and what exactly _is_ the current host URL here? The request for the script containing this, is made _to_ `example.com`, yes? Are we talking about a "direct" request, or anything AJAX/background? – CBroe Oct 14 '21 at 14:14
  • The current host is example.com. What do you mean by "background request"? There's no AJAX. My request is logging request: The user enters credentials, submits form, then he logs in, the cookie is setting up, and theoretically, the user should be logged in example.com, as well as in foo.example.com, baz.example.com. etc. – Alex Rsk Oct 14 '21 at 14:37

0 Answers0