Asked  7 Months ago    Answers:  5   Viewed   50 times

I have 3 domains that are themed the same. If somebody chooses a different theme, I want it to propagate across all 3 domains so their experience stays the same.

I was planning to accomplish this by setting a cookie on domain1, redirect to domain2 where the cookie is set, redirect to domain3 where the cookie is set, redirect back. Since the information doesn't need to be secure or protected, this will work fine with no real problems.

I hate the idea 3 redirects just to set a cookie on each domain and was looking for something a little more elegant.

 Answers

50

Do what Google is doing. Yes, Google is doing this same trick to login the user to YouTube and other Google services which are on different domains.

Create a PHP file that sets the cookie on all 3 domains. Then on the domain where the theme is going to set, create a HTML file that would load the PHP file that sets cookie on the other 2 domains. Example:

<html>
   <head></head>
   <body>
      <p>Please wait.....</p>
      <img src="http://domain2.com/setcookie.php?theme=whateveryourthemehere" />
      <img src="http://domain3.com/setcookie.php?theme=whateveryourthemehere" />
   </body>
</html>

Then add an onload callback on body tag. The document will only load when the images completely load that is when cookies are set on the other 2 domains. Onload Callback :

<head>
   <script>
   function loadComplete(){
      window.location="http://domain1.com";//URL of domain1
   }
   </script>
</head>
<body onload="loadComplete()">

setcookie.php

We set the cookies on the other domains using a PHP file like this :

<?php
if(isset($_GET['theme'])){
   setcookie("theme", $_GET['theme'], time()+3600);
}
?>

Now cookies are set on the three domains.

Source - My Blog

Wednesday, March 31, 2021
 
mnagel
answered 7 Months ago
76

Make sure you have a domain that is known by both server and client. echo $_SERVER['HTTP_HOST'] should tell you the exact same domain that your browser has. If not, cookie will not be accepted by the browser.

Make sure your server and client time is perfectly correct. Browser will reject a cookie with a wrong datetime.

Do not write any other code and just do:

<?php
$cookie_name = "user";
$cookie_value = "John Doe";
setcookie($cookie_name, $cookie_value, time() + (86400 * 30), "/"); // 86400 = 1 day 
// expiration
echo date("H:i:s d.m.Y")."<br>";
echo $_SERVER['HTTP_HOST']."<br>";
var_dump($_COOKIE);
?>

and refresh the page twice.

Also check out manual at: https://www.php.net/manual/en/features.cookies.php

Saturday, May 29, 2021
 
mattltm
answered 5 Months ago
30

You could inject a script element into HEAD of the document with a callback that passes the cookie you need to whatever function needs it.

Something like:

 <script type="text/javascript">
   var newfile=document.createElement('script');
   newfile.setAttribute("type","text/javascript");
   newfile.setAttribute("src", 'http://first.com/doAjax?getCookie&callback=passCookie');
   document.getElementsByTagName("head")[0].appendChild(newfile);
 </script>

And the page first.com/doAjax?getCookie could do this:

     passCookie({'name':'mycookie', 'value':'myvalue'});
Monday, June 28, 2021
 
Len_D
answered 4 Months ago
55

Webpages can only set cookies for the second (or higher) level domain that they belong to.

This means that secure.example.com can read and set cookies for secure.example.com or .example.com, the latter of which can also be read and set by www.example.com

One last note: If the secure flag is set on a cookie, it can only be read and set over an https connection.

Thursday, August 5, 2021
 
Gil
answered 3 Months ago
Gil
37

Create a common domain specifically for your cookies and use it as a getter/setter API.

http://cookie.domain.com/set/domain1
http://cookie.domain.com/get/domain1

http://cookie.domain.com/set/domain2
http://cookie.domain.com/get/domain2

and so on.

Monday, September 6, 2021
 
jbowman
answered 2 Months ago
Only authorized users can answer the question. Please sign in first, or register a free account.
Not the answer you're looking for? Browse other questions tagged :