1

I believe I have a misunderstanding of cookie domains and how they are matched.

I have three running versions of an application on the following domains: myapp.test.somedomain.io, myapp.staging.somedomain.io, and myapp.somedomain.io (the "production" site).

Each version of the application will set the cookie domain equal to that exact domain value: so respectively the cookie domains for these three applications are set to .test.somedomain.io, .staging.somedomain.io, and .somedomain.io.

In isolation, each individual application/domain cookie works fine. However, the problem arises when I access the three applications simultaneously. When I have each of the cookies set in my browser, then loading up the application on myapp.test.somedomain.io I can see that the cookies for both .test.somedomain.io and .somedomain.io are both being loaded. This causes a conflict in my application and I get some side effect errors from it.

My question is: with these 3 domains set in these 3 cookies - how can I prevent the cookie from .somedomain.io domain from being loaded to the myapp.test.somedomain.io application?

Patrick D
  • 5,910
  • 3
  • 41
  • 51
  • Are you providing domain for the cookie explicitly? If yes, then may be this answer will help you, https://stackoverflow.com/questions/18492576/share-cookie-between-subdomain-and-domain – Nik Jul 31 '18 at 12:41
  • I explicitly set the domain of the cookie. This is because I have a couple of different applications on that domain that I would like the cookie to be shared with. For instance, I have `myapp.test.somedomain.io` and `myservice.test.somedomain.io`. I would like the cookie shared between these two applications. – Patrick D Jul 31 '18 at 13:02

0 Answers0