Re: SSL - Cart Drop

On Thu, Jun 14, 2001 at 05:01:11PM -0400, Jason Kohles wrote:
> On Thu, Jun 14, 2001 at 02:48:50PM -0600, Randy Clapp wrote:
> > Jason,
> > 
> > The documentation at
> > http://interchange.redhat.com/cgi-bin/ic/dev/icconfig_90.html states that
> > you can set more than one cookie domain.  Are you saying the documentation
> > is wrong?  
> > 
> No, the documentation is right, I think you are reading it wrong, what it
> says is that if your addresses are secure.yourdomain.com and 
> www.yourdomain.com
> you can make it match both of them by setting cookie domain to 
> .yourdomain.com,
> because .yourdomain.com matches them both, if they don't match, you can't
> use CookieDomain.
> 
OK, apparently today is my day to look like a moron, Mike outsmarted me and
made it so that if you specify more than one domain, Interchange handles it
by creating multiple cookies.  What is happening, then, is you are loading a
page from www.yourdomain.com which attempts to set a cookie for
.securedomain.com, since the cookie domain doesn't match the web servers
domain, your browser silently ignores that cookie.

-- 
Red Hat E-Business Solutions                    Jason Kohles
11480 Sunset Hills Road                         Senior System Architect
Reston, VA 20190                                jkohles@xxxxxxxxxx