View Full Version : cookie retrieval problems

10-18-2005, 06:47 AM

I am trying to pass some parameters from one web server to another web server with different domains, I know that due to the IE security issue, I can't pass parameter directly, but since I can access to both of the server and do the coding, so I tried the following:

1) on webserver1 collect the parameters and construct a URL base on the webserver2 like: "http://webserver2/sender.jsp?test1=111,222

2) when webserver2's sender.jsp onload get the parameters base on the URL and create a cookie named "test1" with values 111,222

3) on webserver2, create a frame named "Listener" and refresh itself for every 2 sec, if detected the cookie "test1" is not NULL, then forward the value to my desired text field. However I failed. :-<

Logically when I create a cookie in webserver2 and retrieve the cookie from webserver2, it should be ok, but I don't know why it doesn't work for me, and I tried to set the cookie on the parent frame of listener.jsp, it works fine, and the listener can retrieve the value right after refresh itself. so the cookie setting should have no problem, but don't know why the listener.jsp can't get the cookie which the sender.jsp create, did anyone have any idea? thanxs.

Philip M
10-18-2005, 08:24 AM
Security issue. A cookie created in one domain cannot be read or retrieved by another domain.

10-18-2005, 10:47 AM
Thanx for your reply, but I have launch the page in same server and then create the cookie, so it should solved the domains problem, isn't it?



a) on Server1 http://www.webserver1.com/createvalue.jsp
generate the values 111,222
b) construct the URL http://www.webserver2.com/sender.jsp?id=111,222
c) window.open http://www.webserver2.com/sender.jsp?id=111,222
d) http://www.webserver2.com/sender.jsp
onload -> get id = 111,222
create cookie "test1" with values 111,222
e) refresh http://www.webserver2.com/listener.jsp for every 3 sec
detect if cookie != null, then get value

From step c), the domain should be on webserver2 not webserver1 anymore, so on step d) for cookie creation, cookie should created in webserver2, and so in step e), I should available to collect the cookie, since they are on the same domain and cookie not expired yet, isn't it??