Cross domain cookies

by

There is absolutely no way for domain.com to set a cookie for domain1.com. What you are attempting to do can only be solved by getting the user’s browser to submit requests to each domain which will then set its own cookie.

Then you need a way for each domain to verify the user’s identity. There are two approaches to this:

  1. Back channel – the sites contact each other directly to determine if a user is logged in.
  2. Passing a token in the GET or POST – when the user’s broweser is redirected to the other site a digitally signed parameter is passed containing the identity and session status.

It’s really quite complicated. I suggest you don’t roll your own. Take a look at SimpleSAMLPHP for a PHP implementation of what I’m describing.

More Related Contents:

  1. PHP Curl And Cookies
  2. PHP login system: Remember Me (persistent cookie) [duplicate]
  3. CakePHP remember me with Auth
  4. PHP authentication with multiple domains and subdomains
  5. Adding files cookies PHP (host)
  6. Undefined index $_POST
  7. How do I expire a PHP session after 30 minutes?
  8. How should I choose an authentication library for CodeIgniter? [closed]
  9. Why are my cookies not setting?
  10. How do I use cookies across two different domains?
  11. setcookie, Cannot modify header information – headers already sent [duplicate]
  12. How can I send cookies using PHP curl in addition to CURLOPT_COOKIEFILE?
  13. PHP Sessions with disabled cookies, does it work?
  14. How can I set, get and destroy cookies in WordPress?
  15. How to kill a/all php sessions?
  16. Logging In To Joomla 1.5 Using External Form (not within joomla folder, but on same server)
  17. When do I have to declare session_start();?
  18. How do you set up use HttpOnly cookies in PHP
  19. PHP – setcookie() not working
  20. Can’t set PHP cookie on the same page
  21. PHP – Secure member-only pages with a login system
  22. Prevent Browser’s Back Button Login After Logout in Laravel 5
  23. PHP: Cookie domain / subdomain control
  24. Class ‘App\Http\Controllers\admin\Auth’ not found in Laravel 5
  25. Laravel – How to get current user in AppServiceProvider
  26. PHP form token usage and handling
  27. Token was deauthenticated after trying to refresh it
  28. PHP session seemingly not working
  29. Declaring a global variable inside a function
  30. how to unset cookie in PHP?

Leave a Comment