Reputation: 1475
Domain in cookies
I'm not sure so please explaine me if you know. I have problem with domain in Cookies.
According to the newewst rfc 6265 document it doesn't matter if domain in cookie starting with 'dot' or not.
For example:
Set-Cookie: example.com means the same as .example.com and it's valid for all subdomains like something.example.com and of course example.com .
So I have a question. How about "www"... If client have cookie setting to www.example.com -> client shouldn't send cookie for "example.com"??? But should send to: www.example.com???
Or maybe "www." is ignored too?
Could you explain me that? I can't find the answer.
Thank you.
Upvotes: 1
Views: 206
Answers (1)
Reputation: 168655
No, there's nothing special about www; it works the same as any other subdomain. www.example.com is different to example.com as far as cookies are concerned. Regardless of your opinion, that is the fact. www as a subdomain is not special.
This is an important point, and does catch a lot of beginners out, particularly when they write links in their sites with the full domain name. If you navigate from www.example.com/index.html to example.com/nextpage.html, your cookies may not be visible on the second page if the cookies were created on the index page in the www subdomain.
You say you've already read the RFC, but you might find that this answer gives a little more clarification on it.
Hope that helps.
Upvotes: 1
Related Questions
- How do browser cookie domains work?
- Losing cookies in headers when sending HTTP request to other domain
- A cookie without a domain?
- Chrome won't send domain level cookies to server in request header
- Multiple domain cookies been displayed under a given webpage
- cookies - the misunderstanding
- Reading cookies & cookie domains
- setting cookie with domain
- Cookies detail - name and data
- browser cookie issue