> be availble on website2.domain.com?
The answer is, it depends. By default, cookies are domain-specific. That is,
when a cookie is set, the browser will return it whenever it makes a request
to any host within that domain. However, you can control this within the
DOMAIN attribute of the CFCOOKIE tag. You can even limit the cookie so that
it is only returned for requests for specific files or directories using the
PATH attribute.
However, if I recall correctly, when you use CF's Session or Client
management, and you allow CF to set the CFID and CFTOKEN cookies, those
cookies are host-specific by default. I could be wrong about this, though,
but it's easy enough to test this by using a telnet client or the like to
make a single request. I'm not sure about the behavior of the JSESSIONID
cookie used with CFMX's J2EE session option, either.
> Or are they considered seperate domains?
No, they're separate hosts within the same domain.
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
voice: (202) 797-5496
fax: (202) 797-5444
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
