Answer the question
In order to leave comments, you need to log in
Checking for cookies from a third party domain
The task is this: It is
necessary to make a corporate service tied to another corporate service (admin panel) so that access to this service is open only if the user's local storage has a cookie from the admin panel, which is located on a different domain.
Question - is it possible in PHP to check for the presence of cookies from a specific domain?
Note:
domain.site.ru has a cookie called remember_user_token
It is necessary that access to domain.site2.ru be open only to those who have the above cookie
The ability to do something in the code on domain.site.ru when this is not available.
Thank you!
Answer the question
In order to leave comments, you need to log in
Through cookies, definitely not.
There is a standard solution.
The user is authorized on site.ru and not authorized on site2.ru
1. When entering site2.ru, the script sees that the user is not authorized and redirects the user to a special site.ru/auth page
2. The site.ru/auth address is checked that the user is authorized, and then we throw the user back, but only with special parameters, for example site.ru/?auth=ok&user=vasya
3. site2.ru if it sees such parameters, it authorizes the user.
Of course, the whole thing must be salted with a random hash.
:))) this (with the help of cookies alone without access to the sending site) is simply impossible ... imagine you have a cookie from money.yandex.ru ... you go to the supernews.ru website ... your cookie from Yandex is intercepted there, for example, from session and your money is withdrawn
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question