There is:

  • Site number 1, which takes a get-parameter "g" with a value written to it (eg? G = 1). Then he works with him.
  • Site number 2, which must send / overwrite the get-parameter "g" with its value to site number 1.
  • The value of the get parameter "g" is public and carries no special value, except for the owner of the site. Therefore, its secrecy is not important.
  • Both sites are located on different domains, belong to the same owner and can be located on the same server.
  • A user who visits website # 2 with a certain get-parameter, and then enters website # 1 without him.

Purpose: It is necessary that when entering the site No. 1, the cookies of the site No. 1 already contained the data of the get parameter with which the user entered the site No. 2.

On the site number 1, I posted a js-script that gets a get parameter from a url and sets it in a cookie. I connected this script to the site number 2. But at the entrance to the site number 2, cookies are set for the domain number 2. And I need them to be installed on domain # 1.

How to make cookies set for domain # 1? As I understand it, I need to somehow transfer them / assign them to site # 1 at the time of loading the script, but I do not understand how to do this.

In other words, what code should I register in order to get the get parameter from site number 2 and write it to site cookie number 1?

    4 answers 4

    It is possible on the site number 1 to write a simple API that accepts GET with your parameter and creates a cookie. Estessno with keys, encryption, and all so abstruse. Well, when you perform a certain action on the site number 2, request the number 1 using this API. Everything is very trivial.

    • one
      Well, so I about it, mentioned curl - KAGG Design
    • one
      @KAGG Design I did not read your answer right away. + from me - Kirill Korushkin
    • For a newbie, it sounds terrifying and complicating. In one of the places, I was recommended to load the file (image or js) from the first site to the second one and assign cookies to the first one. But no details were provided. What do you think about this method? - Forman
    • I will say that the bike has already been invented - you have to sit down and go. And according to this, the answer KAGG Design in paragraph number 1 suits you best. If both sites are on WordPress. - Kirill Korushkin

    Cookies and local strorage cannot be used across domains. Well, unless to apply any muffled tricks through the general latent iframe with the third domain.

    If both sites are on WordPress, there are two simple ways:

    1. Combine them into multisite and store in the database (and it’s common) user’s label instead of cookie
    2. Having received the user's request at the second site, make a curl request to the second site in the php code and ask the user's rights (or something else)
    • Unfortunately, the task is with the cookie. In one of the places, I was recommended to load the file (image or js) from the first site to the second one and assign cookies to the first one. But no details were provided. What do you think about this method? - Forman
    • I consider the task with cookies impracticable. T.N. The "way" is contrary to cookie security policy and looks like chatter. What does the presence of a file have to do with cookies? - KAGG Design

    For security reasons, you cannot read / write cookies from another domain (I leave the question of subdomains of one domain and the domain property to independent study). But, as in any rule there is an exception. Cross-domain cookies can be made if both domains are yours. By "yours" I mean that you yourself can place the scripts you need on them. You can organize it as follows. We write a script that reads the name of the cookie from the request and returns the value in response, another script that sets the cookie. Now we can easily place html on another domain where using script elements we can pull scripts from another domain that will read / write cookies. Html will be in one domain, and we will pull cookies for another domain.

    Here is the simplest example:

    setcookie.php:

    <?php setcookie($_REQUEST["name"], $_REQUEST["value"], time() + 36000); ?>

    getcookie.php

     <?php $cookiename = $_REQUEST["name"]; echo "alert('" . $cookiename . " = " . $_COOKIE[$cookiename] . "');"; ?>

    listcookies.php:

     <?php foreach ($_COOKIE as $name => $value) { echo "alert('" . $name . " = " . $value . "');"; } ?>

    testcookies.html

     <html> <head> <script type="text/javascript"> function listCookies() { exec(document.getElementById('scriptsLocation').value + 'listcookies.php?rnd=' + Math.random()); } function setCookie() { exec(document.getElementById('scriptsLocation').value + 'setcookie.php?name=' + document.getElementById('cookieName').value + '&value=' + document.getElementById('cookieValue').value + '&rnd=' + Math.random()); } function getCookie() { exec(document.getElementById('scriptsLocation').value + 'getcookie.php?name=' + document.getElementById('cookieName').value + '&rnd=' + Math.random()); } function exec(sUrl) { var head = document.getElementsByTagName('head').item(0); var script = document.createElement('script'); script.src = sUrl; script.type = 'text/javascript'; script.defer = true; void(head.appendChild(script)); } </script> </head> <body> scripts location on other domain: <input type="text" id="scriptsLocation" value="http://your.other.domain/scripts/location/" /><br /> cookie name: <input type="text" id="cookieName" /><br /> cookie value: <input type="text" id="cookieValue" /><br /> <input type="button" value="Set cookie" onclick="setCookie()" /> <input type="button" value="Get cookie" onclick="getCookie()" /> <input type="button" value="List cookies" onclick="listCookies()" /> </body> </html>

    PS Test the performance of a specific example in Firefox. IE does not want to dynamically load scripts that have parameters in the URL. But even if this is an IE restriction, then it is easy to get through mod_rewrite.

    Source: http://rsdn.org/forum/web/1903262.1

      Cross-domain requests https://learn.javascript.ru/xhr-crossdomain

      You need to add the header Access-Control-Allow-Origin to the site: Allowed_domain

      Then read the documentation in this direction and start with this:

      https://developer.mozilla.org/ru/docs/Web/API/XMLHttpRequest/withCredentials

      The XMLHttpRequest.withCredentials property is a Boolean that determines whether cross-domain Access-Control requests should be created using credentials such as cookies, authorization headers, or TLS certificates.

      • Access-Control-Allow-Origin has nothing to do with cookies or local storage - KAGG Design
      • And now on the page under the link find Access-Control-Allow-Origin - KAGG Design
      • That's nonsense. First, the cookie works without ACAO. Secondly, cookies are limited to one domain for security purposes. You cannot read cookies from another domain programmatically. No If it were possible, it means that being registered on one site, I immediately get access to another (where the same name and password). Thirdly, do not throw links to documentation. Find there first ACAO, then throw. - KAGG Design
      • In general, let us have a working example with cookies on two sites, and I will be very surprised. In the meantime, minus the answer as harmful. - KAGG Design
      • Zamusuyte yourself, I will need to write a solution to look for answers deeper, but now I can only recommend the documentation developer.mozilla.org/ru/docs/Web/API/XMLHttpRequest/… - l2banners