It is not possible to read a cookie from a different domain. That would be a
terrible security problem.

The browser will not send cookies that do not match your domain so no amount
of code tricks on the server handling this request will get you the cookie.

The "third party cookies" settings in browsers controls whether it is
possible to set cookies in requests for images and other assets for a page
that come from a domain that is different than the page's domain.
On Feb 16, 2011 7:58 AM, "Paolo" <irresistible...@gmail.com> wrote:
> Hi, I need to read a cookie from a different domain (it is not mine).
> I known the name ok cookie.
>
> When I create (write) a cookie, it is possible to set the name of domain:
> cookie.setDomain(".example.com");
>
> But It does'nt work for foreign domain just because security reasons,
infact I can not modify or create cookie for othen site, not own.
>
> But I think it is possible to READ cookie from other site. Just the user
set in own browser settings "allow third party cookies".
> How can do it in wicket?
>
> I only know this instruction to read cookie, and in this I can not choose
the domain to use:
> Cookie[] cookies =
((WebRequest)getRequestCycle().getRequest()).getCookies();
>
> This is my test application:
>
>
=========================================================================================
> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
> <html xmlns="http://www.w3.org/1999/xhtml";
> xmlns:wicket="http://wicket.apache.org/"; xml:lang="en" lang="en">
> <head>
> <title>Wicket cookie test</title>
> </head>
> <body>
> <a wicket:id="create_cookie">Create Cookie</a>
> <br /><br /><br />
> <a wicket:id="read_cookie">Read Cookie</a>
> </body>
> </html>
>
>
==========================================================================================
>
> package org.wicket.example;
>
> import org.apache.wicket.markup.html.WebPage;
> import org.apache.wicket.markup.html.link.Link;
> import org.apache.wicket.protocol.http.WebResponse;
> import org.apache.wicket.protocol.http.WebRequest;
>
> import javax.servlet.http.Cookie;
>
>
> public class TestPage extends WebPage {
> /**
> * Constructor
> */
> public TestPage() {
> }
>
> @Override
> protected void onInitialize() {
> super.onInitialize();
>
> add(new Link<TestPage>("create_cookie") {
>
> private static final long serialVersionUID = 6762033052623200948L;
>
> @Override
> public void onClick() {
> ((WebResponse) getResponse()).addCookie(createCookie());
> setResponsePage(TestPage.class);
> }
> });
> add(new Link<TestPage>("read_cookie") {
>
> private static final long serialVersionUID = 6762033052623200948L;
>
> @Override
> public void onClick() {
> Cookie[] cookies =
((WebRequest)getRequestCycle().getRequest()).getCookies();
> System.out.println(cookies[0].getName());
> setResponsePage(TestPage.class);
> }
> });
> }
>
> /**
> * Creates test cookie
> * @return cookie
> */
> public Cookie createCookie() {
> Cookie cookie = new Cookie("wicketTest", "1");
> // cookie.setDomain(".example.com");
> cookie.setMaxAge(6000);
> return cookie;
> }
>
> }
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
> For additional commands, e-mail: users-h...@wicket.apache.org
>

Reply via email to