Posted by patilj on 02/01/06 17:53

OK, here's the deal.

Let's say I got a website called:
https://www.blah.com/~account/application/login.php

When the user arrives they see a https which is more secure than just
http alone.
The problem for me is it is too slow because it's shared with others
(but at least it's free), and I'm too cheap to shell out the money for
my own, etc.

The cookie when I check in firefox shows me it's associated with this
domain name (www.blah.com).

So I want to drop a cookie and then once it's in place, I want to
switch over to
the faster:
http://www.mydomainname.com/application/login_submit.php

The first url (at the beginning of this message) is what's provided by
my webhost,
and the domain name is obviously different from my own. That said I
also believe
that even if used:

http://www.blah.com/~account/application/login_submit.php (no https) it
would still give
me a problem because of the differences between http and https, no?

When the cookie is written it references www.blah.com and not
www.mydomainname.com.

Is there a way that I can change this PATH and DOMAIN info on the fly
AFTER the cookie has been written? I also tried writing the cookie
with a Domain of just (.) and path of (/). This too was not taken.

I'm sure there are plenty of other ways to get a login screen to work..
but I'm curious
about this specific point. It's my cookie, and it's my browser.. I
don't see why there
should be any hinderances on me deciding what happens to my cookie. He
who makes it, gets to eat too right? :-)

[Back to original message]