Cookies and Secure web site


gvancott
09-26-2002, 11:12 PM
Since I never figured out how to resolve the problem with the security warning message I posted about recently, I have been trying to use cookies to accomplish the same thing. This is for a shopping cart application.

What I have been trying to do is set a cookie on the unsecure part of my site (which will contain catalog number, quantities, and such) and then open it again on the secure part of my site where the credit card info will be added.

I have tested the set and retrieve programs on the unsecure part of my web site and they work. When I try it on the secure part the cookie is not retrieved and the word "undefined" is where the data should be.

There aren't that many parameters for setting cookies. I am setting the domain to .vcisinc.com which is the tail of both the unsecure and secure parts of my site (the secure part is something like https://secure-site.com/www.vcisinc.com).

Is this something that should work? Thanks

Shift4Sms
09-30-2002, 11:19 PM
I don't believe that that is going to work for you. Here's the problem as I understand it:

Your unsecure site URL is http://www.vcisinc.com

Your secure site URL is https://secure-site.com/www.vcisinc.com

From the above urls, it appears that you are using a shared security certificate? One of the problems with shared certificates is that they don't share the same domain. Just because www.vcisinc.com is part of the secured URL doesn't mean that the URL is part of the vcisinc.com domain; in fact, the URL is part of the secure-site.com domain. This means that your cookie that you set for the vcisinc.com domain does not exist in the secure-site.com domain, and this is your problem.

To solve this particular problem, pass your session tracking tokens as URL parameters from the vcisinc.com page to the secure-site.com page and then, if you need to, set the same cookie value from one of the secure pages -- this will result in cookie.x with the same value residing on both domains and should give you the results you are looking for...
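
The domain check described in the reply above, as an added example that is not part of the original posts: it applies the RFC 6265 domain-matching rule to the two URLs from the thread. The function names and the extra `notvcisinc.com` test host are constructed for illustration.

```javascript
// RFC 6265 section 5.1.3 domain matching: would a browser send a cookie
// whose Domain attribute is `cookieDomain` with a request to `url`?
function canonical(host) {
  return host.toLowerCase().replace(/\.$/, "");
}

function isIpLiteral(host) {
  // IPv4 dotted quad, or an IPv6 literal (URL.hostname keeps the colons).
  return /^\d{1,3}(\.\d{1,3}){3}$/.test(host) || host.includes(":");
}

function domainMatches(requestHost, cookieDomain) {
  const host = canonical(requestHost);
  // A leading dot in the Domain attribute is ignored (RFC 6265 section 5.2.3).
  const domain = canonical(cookieDomain).replace(/^\./, "");
  if (host === domain) return true;
  // Suffix match only on a label boundary, and never for IP addresses.
  return !isIpLiteral(host) && host.endsWith("." + domain);
}

function cookieSentTo(url, cookieDomain) {
  // Only the host part of the URL is compared. A domain name that merely
  // appears in the path (as on a shared-certificate host) is ignored.
  return domainMatches(new URL(url).hostname, cookieDomain);
}

// URLs from the thread, plus one constructed look-alike host.
const cookieDomain = ".vcisinc.com";
const urls = [
  "http://www.vcisinc.com/cart",                      // unsecure catalog site
  "https://secure-site.com/www.vcisinc.com/checkout", // shared-certificate host
  "https://notvcisinc.com/",                          // constructed: suffix without a dot boundary
];

for (const url of urls) {
  const sent = cookieSentTo(url, cookieDomain);
  console.log(`${sent ? "sent    " : "NOT sent"}  ${url}`);
}
```
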