Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Chrome not sharing the cookie between the subdomains

When I use the value domain:".example.com" in my cookie, I expect it to support the subdomains xyz.example.com, abc.example.com etc

This works fine on mozilla firefox but does not seem to work on google chrome! On chrome it creates a new cookie for xyz.example.com which fails to serve the purpose.

Is this a known issue? Any help would be appreciated!

Thanks.

like image 820
sp497 Avatar asked Feb 23 '17 14:02

sp497


1 Answers

I know this is bit of a far fetch, but not all domains can have cookies set to them. https://publicsuffix.org/list/public_suffix_list.dat list is honored by Chrome, Firefox and Safari to mention the most popular browsers.

Assuming the above example.com would be s3-website-us-east-1.amazonaws.com very weird thing could be observed. The Set-Cookie header would be present in the response data, but browser's wouldn't display it in the network traffic inspector nor it would have any effect. Because the data is there, it can be observed via eg. curl.

Ref. RFC6265

like image 183
Jari Turkia Avatar answered Sep 29 '22 02:09

Jari Turkia