Menu
I'm creating third party cookie with <img src="http://example.com/test.php" />
test.php:
if($_GET['r']) {
header('Content-type: image/gif');
// echo transparent 1x1 pixel
exit;
} else {
setcookie('name', md5(time()), time()+60*60*24*30, '/');
$url = 'http://example.com/test.php?r=1';
header('Location: '.$url);
exit;
}
This code creates third-party cookie. Is there any method to read created cookie through javascript from a different domain than example.com?
555
asked Dec 14 '25 10:12
No. JavaScript only has access to the cookies for the current document, not for any of its dependencies.
If this wasn't the case then authors could load an image from any website you might have an account on, read the cookie with JavaScript, Ajax it to their server, and then have a copy of your current login token for that site. It would be a huge security hole.
82
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
