user1870910
Reputation: 31
Third party cookie - read from other domain
I'm creating third party cookie with <img src="http://example.com/test.php" />
test.php:
if($_GET['r']) {
header('Content-type: image/gif');
// echo transparent 1x1 pixel
exit;
} else {
setcookie('name', md5(time()), time()+60*60*24*30, '/');
$url = 'http://example.com/test.php?r=1';
header('Location: '.$url);
exit;
}
This code creates third-party cookie. Is there any method to read created cookie through javascript from a different domain than example.com?
Upvotes: 3
Views: 1692
Answers (1)
Quentin
Reputation: 943695
No. JavaScript only has access to the cookies for the current document, not for any of its dependencies.
If this wasn't the case then authors could load an image from any website you might have an account on, read the cookie with JavaScript, Ajax it to their server, and then have a copy of your current login token for that site. It would be a huge security hole.
Upvotes: 3
Related Questions
- JavaScript and third party cookies
- Reading a cookie from a different domain
- Third Party Cookies - Cross Domain APIs w/ Session Tracking
- How to load cookies from another domain
- Setting a cookie from a third-party domain
- how can I read cookies, that were set by domain A, from domain B via an inline javascript attached in domain B?
- Read Third Party Cookie in Javascript and Server
- Is it possible to read a cookie from a different sub-domain? If so, how?
- Reading cookies from other Domains
- Reading Cookie from a different domain?