How to write multi-domain cookies?

A

alektive2014-11-17 00:21:00

PHP

alektive, 2014-11-17 00:21:00

In general, the topic is this - you need to somehow write cookies and read them on different domains.
In theory, cookies are recorded either on the main domain , or on the domain + subdomains . But I'm interested in the technology of recording cookies on many completely different domains, different zones. So that mirror sites do not ask for re-authorization of the user.
There is an idea to record several cookies at once, that is, for all domains and subdomains at once. I want to hear your opinion on this matter, can there be any other options? Somehow IT giants solved this problem...

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

A

Alexander, 2014-11-17
Madzhugin @Suntechnic

Nothing if the domains are different. Only by sticking something from another domain into the page. iframe for example. It seems that you can still img whose src will not be a picture, but say on a php file that will give a transparent pixel there, and put the necessary cookies in the headers.

F

FanatPHP, 2014-11-17
@FanatPHP

It makes no sense to write down everything at once.
The visitor is authorized after he enters the next domain (as it happens, for example, on a toaster/habré).
How IT giants solved this problem is easy to find out - just walk around different domains, logging in to one of the giants, and look at the HTTP headers issued. There you will see that each of the member domains loads a javascript requesting a session id from the authorization server. And the client makes a request with this seed to the current domain. Having received the seed, the current server itself also climbs to the authorization server, and if the seed is active, it sets a cookie for the user and authorizes him.
But if it's too complicated, then you can google (surprise!) "cross-domain authorization".