{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 来,给爷笑一个 的问题《Cookie share with subdomain nodejs httponly cookie》','https://www.manongdao.com/q-976847.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I am using express-session module for maintain session. i have two app. i want to share cookies with this apps, parent app run in example.com , and child app run in child.example.com. i set httponly cookie using express-session it sets in the child app.i can verified that cookie in resource tab in chrome debugger.
Network tab:
When the first call to sub-domain: it load like "http://www.child.example.com" cookie set in the request. while the url is redirect to server IP . cookie not available after that.
like http://13.25.230.2/index cookie not avaliable on that
When you send the
Set-CookieHTTP header, you can specify the domain it is for.The domain must be a suffix of the domain hosting the page.
i.e.
foo.example.com,bar.baz.example.comandwww.example.comcan all share a cookie belonging toexample.com.A URL using an IP address has no hostname in it at all and cannot match that rule.
There is no way to share your cookie between
example.comand13.25.230.2. Give the site a hostname instead.There is no way you can set cookie using setcookie header from one host to another. For example from example.com to foobar.com. If you have to do it. Then do it by passing the cookie value to server side script for example foobar.com\set-my-cookie.php and use to to save the cookie.
Httponly cookies cannot be set or read from client side code.