I need the HttpOnly validation cookie to work:
mydomain.com www.mydomain.com abc.mydomain.com
so that I can enter all three places with a single login.
This works fine by setting my cookie domain to:
.mydomain.com
here is the response header that sets the cookie:
MYAUTHCOOKIE=FOO; domain=.mydomain.com; path=/; HttpOnly
Everything works fine for normal browser requests.
However, I need to make an AJAX request from mydomain.com and www.mydomain.com to abc.mydomain.com .
When I make a request, it does not pass an authentication cookie. Why is this, and what can I do about it?
If I make a request to the same host as the page where JS is located, it sends a cookie: s
Here is my request code:
$.ajax({ type: "POST" , data: { data: { foo: bar} } , dataType: "json" , url: "http://abc.mydomain.com/foo" , timeout: 5000 , success: function (data, textStatus) { alert('woo!'); } , error: function (xhr, textStatus, error) { alert('meh'); } });
Is this some kind of cross-domain policy? Why does the cookie domain not work?
thanks
jquery ajax cookies cross-domain
Andrew Bullock
source share