Menu
I use the Cookies class of GWT to generate cookies.
When I use the following
Cookies.setCookie(LOGIN_COOKIE_NAME, value, expires);
everything works fine. Checking the cookie in the browser leads to mydomay.com as it should.
But, when I use the following:
String path = "/"
String domain = "mydomain.com"
Cookies.setCookie(LOGIN_COOKIE_NAME, value, expires, domain, path, secure);
I can see a dot before the domain when I check it in my browser:
.mydomain.com
Where does the dot comes from?
It turns out that Cookies.removeCookie(LOGIN_COOKIE_NAME) does not work for me if .mydomain.com is given. Why is it not possible to delete this cookie when there is a dot in front?
745
While cookies are sent only to the server setting them or a server in the same Internet domain, a web page may contain images or other components stored on servers in other domains.
The origin domain of a cookie is the domain of the originating request. If the origin domain is an IP, the cookie's domain attribute must not be set. If a cookie's domain attribute is not set, the cookie is only applicable to its origin domain.
As you may know, cookie can't be set in a different domain from another domain directly. If you're having multiple sites in where you need to set a cookie from a parent site, you can use basic HTML and JS to set the cookies. Google is using this same way.
For Google Chrome go to View > Developer > Developer Tools or CMD + ALT + I on Mac or F12 on Windows. Now open the Application tab and check the cookies for each domain. Usually the cookies have names that resemble the name of the service they are being used by.
The dot means that the cookie also holds for any subdomain to mydomain.com, such as example.mydomain.com. Think of it as *.mydomain.com where * is a wildcard.
You can find a highly similar question here: What is the cookie dot rule?
150
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
