Yeah, adding to what Howard noted, the DOMAIN attribute isn't there for the reason you're using it. It's instead for controlling use of cookies on that "single domain" that's setting the cookie, but controlling whether and how it works for any subdomains under it.
You can't simply name another domain (that's not the one setting it) and hope that it can be read by that other domain. This really goes to an old and fundamental security feature built into cookies. The designers specifically didn't WANT visitors to Server A to have a cookie set there which would be read when the request got to Server B. That could be abused by those wanting to track visits. Of course, there have been many ways that people have gotten around that. I guess if you really wanted to do it with cookies (rather than the URL parms Howard recommends), you can pursue those alternatives. Just think like (or search how to act like) a hacker. :-) /charlie PS Hey Howard, if you're reading this, can you see if you got an email from me, direct to you yesterday? -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Howard Fore Sent: Wednesday, June 24, 2009 7:13 PM To: [email protected] Subject: Re: [ACFUG Discuss] cfcookie with the domain attribute Clark, Cookies can only be set and read by a single domain. If you want to pass the data to a second site, I'd suggest URL parameters. ------------------------------------------------------------- To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by http://www.fusionlink.com -------------------------------------------------------------
