How to read cookie from different domain?
Hi, I need to read a cookie from a different domain (it is not mine).
I known the name ok cookie.
When I create (write) a cookie, it is possible to set the name of domain:
cookie.setDomain(.example.com);
But It does'nt work for foreign domain just because security reasons, infact I
can not modify or create cookie for othen site, not own.
But I think it is possible to READ cookie from other site. Just the user set in
own browser settings allow third party cookies.
How can do it in wicket?
I only know this instruction to read cookie, and in this I can not choose the
domain to use:
Cookie[] cookies = ((WebRequest)getRequestCycle().getRequest()).getCookies();
This is my test application:
=
!DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN
http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd;
html xmlns=http://www.w3.org/1999/xhtml;
xmlns:wicket=http://wicket.apache.org/; xml:lang=en lang=en
head
titleWicket cookie test/title
/head
body
a wicket:id=create_cookieCreate Cookie/a
br /br /br /
a wicket:id=read_cookieRead Cookie/a
/body
/html
==
package org.wicket.example;
import org.apache.wicket.markup.html.WebPage;
import org.apache.wicket.markup.html.link.Link;
import org.apache.wicket.protocol.http.WebResponse;
import org.apache.wicket.protocol.http.WebRequest;
import javax.servlet.http.Cookie;
public class TestPage extends WebPage {
/**
* Constructor
*/
public TestPage() {
}
@Override
protected void onInitialize() {
super.onInitialize();
add(new LinkTestPage(create_cookie) {
private static final long serialVersionUID = 6762033052623200948L;
@Override
public void onClick() {
((WebResponse) getResponse()).addCookie(createCookie());
setResponsePage(TestPage.class);
}
});
add(new LinkTestPage(read_cookie) {
private static final long serialVersionUID =
6762033052623200948L;
@Override
public void onClick() {
Cookie[] cookies =
((WebRequest)getRequestCycle().getRequest()).getCookies();
System.out.println(cookies[0].getName());
setResponsePage(TestPage.class);
}
});
}
/**
* Creates test cookie
* @return cookie
*/
public Cookie createCookie() {
Cookie cookie = new Cookie(wicketTest, 1);
// cookie.setDomain(.example.com);
cookie.setMaxAge(6000);
return cookie;
}
}
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
Re: How to read cookie from different domain?
It is not possible to read a cookie from a different domain. That would be a
terrible security problem.
The browser will not send cookies that do not match your domain so no amount
of code tricks on the server handling this request will get you the cookie.
The third party cookies settings in browsers controls whether it is
possible to set cookies in requests for images and other assets for a page
that come from a domain that is different than the page's domain.
On Feb 16, 2011 7:58 AM, Paolo irresistible...@gmail.com wrote:
Hi, I need to read a cookie from a different domain (it is not mine).
I known the name ok cookie.
When I create (write) a cookie, it is possible to set the name of domain:
cookie.setDomain(.example.com);
But It does'nt work for foreign domain just because security reasons,
infact I can not modify or create cookie for othen site, not own.
But I think it is possible to READ cookie from other site. Just the user
set in own browser settings allow third party cookies.
How can do it in wicket?
I only know this instruction to read cookie, and in this I can not choose
the domain to use:
Cookie[] cookies =
((WebRequest)getRequestCycle().getRequest()).getCookies();
This is my test application:
=
!DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN
http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd;
html xmlns=http://www.w3.org/1999/xhtml;
xmlns:wicket=http://wicket.apache.org/; xml:lang=en lang=en
head
titleWicket cookie test/title
/head
body
a wicket:id=create_cookieCreate Cookie/a
br /br /br /
a wicket:id=read_cookieRead Cookie/a
/body
/html
==
package org.wicket.example;
import org.apache.wicket.markup.html.WebPage;
import org.apache.wicket.markup.html.link.Link;
import org.apache.wicket.protocol.http.WebResponse;
import org.apache.wicket.protocol.http.WebRequest;
import javax.servlet.http.Cookie;
public class TestPage extends WebPage {
/**
* Constructor
*/
public TestPage() {
}
@Override
protected void onInitialize() {
super.onInitialize();
add(new LinkTestPage(create_cookie) {
private static final long serialVersionUID = 6762033052623200948L;
@Override
public void onClick() {
((WebResponse) getResponse()).addCookie(createCookie());
setResponsePage(TestPage.class);
}
});
add(new LinkTestPage(read_cookie) {
private static final long serialVersionUID = 6762033052623200948L;
@Override
public void onClick() {
Cookie[] cookies =
((WebRequest)getRequestCycle().getRequest()).getCookies();
System.out.println(cookies[0].getName());
setResponsePage(TestPage.class);
}
});
}
/**
* Creates test cookie
* @return cookie
*/
public Cookie createCookie() {
Cookie cookie = new Cookie(wicketTest, 1);
// cookie.setDomain(.example.com);
cookie.setMaxAge(6000);
return cookie;
}
}
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
Re: How to read cookie from different domain?
Alle mercoledì 16 febbraio 2011, Randy S. ha scritto: It is not possible to read a cookie from a different domain. That would be a terrible security problem. The browser will not send cookies that do not match your domain so no amount of code tricks on the server handling this request will get you the cookie. The third party cookies settings in browsers controls whether it is possible to set cookies in requests for images and other assets for a page that come from a domain that is different than the page's domain. If I put the other page in a Iframe into my page, and I use Javascript or other client side technology, is it possible? Thank you. - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
