|
|
Posted by J.O. Aho on 02/06/07 19:20
Rik wrote:
> J.O. Aho <user@example.net> wrote:
>>>> From my understanding a cookie can only be generated from a server
>>>> in its
>>>> domain, since there would be problems with outside sides trying to
>>>> forge cookies
>>>> for another domain. You might not be able to use "SQL1, 10.1.1.100 and
>>>> statuspage.cosite.com." in one cookie and may need to generate three
>>>> separate
>>>> cookies.
>>
>> You can always get the domain that the user has used to request the
>> page, and therefore be able to send a correct domain with the cookie,
>> no needs of more than one.
>>
>> setcookie(... ,$_SERVER['SERVER_NAME']);
>
> Yup, but it alreasy defaults to that, so it normally shouldn;t be
> necessary.
For browsers like Mozilla/Firefox/SeaMonkey/Opera and so on, it seem to work
fine, but for some reasons MSIE can get troubles so that the cookie isn't set,
so even if it's supposed to be automatically set right if it's omitted (if I
remember it right, in this case it's the client who sets the domain), there is
something broke in MSIE.
--
//Aho
Navigation:
[Reply to this message]
|