asp.net - Cross domain cookie access (or session)

Question

Welcome To Ask or Share your Answers For Others

asp.net - Cross domain cookie access (or session)

asked Oct 24, 2021 in Technique[技术] by 深蓝 (71.8m points)

asp.net - Cross domain cookie access (or session)

While I realise that this is usually related to cross site scripting attacks, what I'm wondering is how can a session remain valid throughout multiple subdomains belonging to a single domain (example: a user logging in only once, and being able to access both subdomain1.domain.com and subdomain2.domain.com with the same session). I guess I first need to understand how it works, but so far I haven't been able to find much that would be of any relevance.

But then again, maybe I wasn't asking the right question.

Thanks in advance :)

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙；凝视深渊过久,深渊将回以凝视…

1 Answer

深蓝 · Answer 1 · 2021-10-23T17:49:59+0000

Inproc sessions cannot remain valid, however you can code your web application to allow cookies across multiple subdomains. You will need to set the domain equal to:

Response.Cookies("CookieName").Domain = ".mydomain.com"

Remember the period.

Categories

asp.net - Cross domain cookie access (or session)

asp.net - Cross domain cookie access (or session)

Please log in or register to add a comment.

Please log in or register to answer this question.

1 Answer

Please log in or register to add a comment.

Just Browsing Browsing

Most popular tags