Chrome not sharing the cookie between the subdomains

Question

When I use the value domain:".example.com" in my cookie, I expect it to support the subdomains xyz.example.com, abc.example.com etc

This works fine on mozilla firefox but does not seem to work on google chrome! On chrome it creates a new cookie for xyz.example.com which fails to serve the purpose.

Is this a known issue? Any help would be appreciated!

Thanks.

You might find this answer to be useful: http://stackoverflow.com/a/23086139/4266776 — Reza Karami, Feb 23 '17 at 14:54
@RezaKarami Hey man whoever/wherever you are god bless you :) That was it! — sp497, Feb 23 '17 at 15:08

score 5 · Answer 1 · answered Sep 24 '18 at 09:11

5

I know this is bit of a far fetch, but not all domains can have cookies set to them. https://publicsuffix.org/list/public_suffix_list.dat list is honored by Chrome, Firefox and Safari to mention the most popular browsers.

Assuming the above example.com would be s3-website-us-east-1.amazonaws.com very weird thing could be observed. The Set-Cookie header would be present in the response data, but browser's wouldn't display it in the network traffic inspector nor it would have any effect. Because the data is there, it can be observed via eg. curl.

Ref. RFC6265

answered Sep 24 '18 at 09:11

Jari Turkia

723
1
14
26

1

You sir are an absolute legend, I have been struggling with this all day using azurewebsites.net domain name. I simply configured my CNAME's to point to custom domain names and hey presto it started working!!!!!! – Andrew HB Apr 16 '21 at 16:27
You're welcome. Care to guess how I found that out? :-D – Jari Turkia Apr 19 '21 at 08:28
I haven't a clue?? – Andrew HB Apr 20 '21 at 09:09
Spent half a day trying to get my Azure site to accept a cookie and realizing it never will. – Jari Turkia Apr 21 '21 at 06:33
Haha! well we have that in common! – Andrew HB Apr 22 '21 at 07:18

Chrome not sharing the cookie between the subdomains

1 Answers1

Linked