Web Design Forums

rustybones · 19-03-2008, 21:05

Hi guys,
so the problem goes like this:

I have a form that submits and sets a cookie then the user is redirected to a page on another domain (Gartner's domain who won't let us host the pages). Now we don't want people to access these pages on the Gartner server unless they have submitted the form from our domain.

So obviously the cookie is baked but only readable by our domain since you can't read cookies from other domains. The code on the Gartner server is looking for the cookie but can't find so it redirects back to the sign up form.

Does anyone know a bloody solution for this problem... cookies really don't seem to be the way to go. Can I carry some information across the query string, though that's pretty unstable too... help!

rustybones · 20-03-2008, 17:46

So after some further brainstorming yesterday with a college of mine, we decided to pass a simple query string parameter along with the redirect. The JS code we wrote to be included on the pages hosted on the Gartner server will then read the query string and if the parameters are correct we create a cookie from their server.

So then subsequent pages can just check for the cookie and this time be able to find it since the cookie was created on their server

Just thought I would update this with a solution since someone else might come across "cross domain" cookie doom

Cheeto · 21-03-2008, 16:50

Yeah most sites generate "keys" of sorts using random strings and date functions and possibly hashing them.

That's how I had websites communicate between each other to make sure the information was legit.

19-03-2008, 21:05	#1 (permalink)
rustybones buttock racer Join Date: Oct 2007 Location: Sweden Posts: 192	Javascript cookie action Hi guys, so the problem goes like this: I have a form that submits and sets a cookie then the user is redirected to a page on another domain (Gartner's domain who won't let us host the pages). Now we don't want people to access these pages on the Gartner server unless they have submitted the form from our domain. So obviously the cookie is baked but only readable by our domain since you can't read cookies from other domains. The code on the Gartner server is looking for the cookie but can't find so it redirects back to the sign up form. Does anyone know a bloody solution for this problem... cookies really don't seem to be the way to go. Can I carry some information across the query string, though that's pretty unstable too... help!

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search

20-03-2008, 17:46	#2 (permalink)
rustybones buttock racer Join Date: Oct 2007 Location: Sweden Posts: 192	So after some further brainstorming yesterday with a college of mine, we decided to pass a simple query string parameter along with the redirect. The JS code we wrote to be included on the pages hosted on the Gartner server will then read the query string and if the parameters are correct we create a cookie from their server. So then subsequent pages can just check for the cookie and this time be able to find it since the cookie was created on their server Just thought I would update this with a solution since someone else might come across "cross domain" cookie doom

21-03-2008, 16:50	#3 (permalink)
Cheeto Mhmmmm Cheesy! Join Date: Mar 2008 Location: Raytown, Missouri Posts: 29	Yeah most sites generate "keys" of sorts using random strings and date functions and possibly hashing them. That's how I had websites communicate between each other to make sure the information was legit.

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)