Reputation: 751
How are YouTube and Google accessing each others cookies?
A lot of researching on stackoverflow told me that getting/setting cookies from other domains isn't possible.
but I can see youtube.com is doing that with google.com
How are they doing that then?
Upvotes: 9
Views: 3510
Answers (2)
Reputation: 1746
It uses google accounts for user logins which requires a visit to the google.com domain to authenticate the login which will then download the cookie. That cookie will not be sent to youtube.com, only to google.com for login and authentication purposes. The list that Google Chrome shows lists all of the cookies loaded for the entire request, it is not just limited to the domain of the site you are viewing and since youtube.com loads files from other domains it also pulls in any cookies from there as well.
Upvotes: 1
Reputation: 30628
Your first statement is correct - it is not possible to get/set cookies from other domains.
That list of cookies shows what was set when you viewed the page, but you must remember that the page includes resources from different locations (images and scripts). When a script or an image is pulled from a different server, it has the opportunity to set a cookie as well. Although the page on youtube.com caused all of those cookies to be set, it only has access to the ones actually on youtube.com.
Upvotes: 4
Related Questions
- How do Third-Party "tracking cookies" work?
- How PREF cookie (google.com) appears in firefox?
- How youtube gets logged in to gmail account without getting redirected?
- Cookies used in Google login
- How does cookie work with HTTP?
- How can third party cookies know which sits a user have visited?
- How are cookies sent to a website
- By what mechanism is a third-party cookie placed, and how does it have access to, say, what you just searched for?
- How does Google know that I am still logged in?
- how can cookies track users despite same origin policy?