kannanfa February 2016

Cookie share with subdomain nodejs httponly cookie

I am using express-session module for maintain session. i have two app. i want to share cookies with this apps, parent app run in example.com , and child app run in child.example.com. i set httponly cookie using express-session it sets in the child app.i can verified that cookie in resource tab in chrome debugger.

Network tab:

When the first call to sub-domain: it load like "http://www.child.example.com" cookie set in the request. while the url is redirect to server IP . cookie not available after that.

like http://13.25.230.2/index cookie not avaliable on that

Answers


Quentin February 2016

When you send the Set-Cookie HTTP header, you can specify the domain it is for.

Set-Cookie: name=value; domain=example.com

The domain must be a suffix of the domain hosting the page.

i.e. foo.example.com, bar.baz.example.com and www.example.com can all share a cookie belonging to example.com.

A URL using an IP address has no hostname in it at all and cannot match that rule.

There is no way to share your cookie between example.com and 13.25.230.2. Give the site a hostname instead.

Post Status

Asked in February 2016
Viewed 3,380 times
Voted 7
Answered 1 times

Search




Leave an answer