Andrew Bullock

Reputation: 37436

multi-sub-domain cookies and ajax problems

I need an HttpOnly authentication cookie to work on:

mydomain.com
www.mydomain.com
abc.mydomain.com

so that I can be logged into all three places via a single login.

This is working fine, by setting my cookie domain to:

.mydomain.com

Here is the response header that sets the cookie:

MYAUTHCOOKIE=FOO; domain=.mydomain.com; path=/; HttpOnly

This all works fine for normal browser requests.

However, I need to make an AJAX request from mydomain.com and www.mydomain.com to abc.mydomain.com.

When I make the request, it isn't passing the authentication cookie. Why is this, and what can I do about it?

If I make a request to the same host as the page the JS resides on, it does send the cookie :s

Here's my request code:

$.ajax({
    type: "POST"
    , data: { data: { foo: bar} }
    , dataType: "json"
    , url: "http://abc.mydomain.com/foo"
    , timeout: 5000
    , success: function (data, textStatus) {
        alert('woo!');
    }
    , error: function (xhr, textStatus, error) {
        alert('meh');
    }
});

Is this some cross domain policy? Why doesn't the cookie domain make this work?

Thanks

Upvotes: 6

Views: 4800

Answers (1)

Dmitry Shevchenko

Reputation: 32434

According to the same origin policy, subdomains are indeed "hostile" to your top domain, but it can be fixed by setting document.domain (same article).

Upvotes: 1
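
Added example, not part of the original question or answer: a cross-origin XMLHttpRequest leaves cookies out unless the client sets `withCredentials` and the server at abc.mydomain.com replies with credentialed CORS headers naming the exact calling origin. The function names and the allow-list are assumptions; the hostnames and request options are the question's.

```javascript
// Added example. ALLOWED_ORIGINS, corsHeadersFor and crossSubdomainAjaxOptions
// are hypothetical names; only the hostnames come from the question.

// Origins allowed to send credentialed requests to abc.mydomain.com.
// An origin is scheme + host + port, so https://mydomain.com is NOT covered here.
const ALLOWED_ORIGINS = new Set([
  "http://mydomain.com",
  "http://www.mydomain.com",
]);

// Server side (abc.mydomain.com): CORS response headers for one request.
// Returns {} when the Origin header is missing or not allow-listed, so the
// browser refuses to expose the response to the calling page.
function corsHeadersFor(method, origin) {
  // Exact match only: suffix or substring checks would accept look-alike hosts.
  if (!origin || !ALLOWED_ORIGINS.has(origin)) return {};
  const headers = {
    // Browsers reject "*" on credentialed requests; echo the vetted origin.
    "Access-Control-Allow-Origin": origin,
    "Access-Control-Allow-Credentials": "true",
    // The response varies per caller, so caches must key on Origin.
    "Vary": "Origin",
  };
  if (method === "OPTIONS") {
    // Preflight, sent when the request is not "simple" (e.g. a JSON body).
    headers["Access-Control-Allow-Methods"] = "POST";
    headers["Access-Control-Allow-Headers"] = "Content-Type";
  }
  return headers;
}

// Client side: the question's $.ajax options plus the one missing switch.
function crossSubdomainAjaxOptions(payload) {
  return {
    type: "POST",
    url: "http://abc.mydomain.com/foo",
    data: payload,
    dataType: "json",
    timeout: 5000,
    // Ask XHR to attach cookies (including HttpOnly ones) cross-origin.
    xhrFields: { withCredentials: true },
  };
}
```

With this in place the page calls `$.ajax(crossSubdomainAjaxOptions({ data: { foo: "bar" } }))`, and the server merges the result of `corsHeadersFor` into its response headers.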
