php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #26357 session.cookie_domain problem with Mozilla and IE
Submitted: 2003-11-21 21:33 UTC Modified: 2003-12-01 03:15 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: dmachi at vt dot edu Assigned:
Status: No Feedback Package: *General Issues
PHP Version: 4.3.4 OS: Linux
Private report: No CVE-ID: None
 [2003-11-21 21:33 UTC] dmachi at vt dot edu
Description:
------------
I have a small app in which I would like to use sessions, no different than many others I have written in the past.  However, on this one I would like to set the cookie domain to a domain as opposed to a host.  However, when I do so, it seems to not work in Mozilla and IE (it does however work in konqueror).  I have tried setting the cookie_domain through ini_set and through session_set_cookie_params and through setcookie, all with the same result.  If I don't set the domain, the cookie works fine (although only for that host of course).  I have searched high and low for an answer to this but have been unable to turn up anything.

Reproduce code:
---------------
$cookie_domain = '.my.sub.domain';

// Set session parameters and start session
ini_alter("session.gc_maxlifetime", "172800");
ini_alter( "session.entropy_file","/dev/random");
ini_alter( "session.entropy_length","512");
ini_set( "session.name",$session_name);
ini_set( "session.cookie_domain", $cookie_domain);
session_start();


Expected result:
----------------
I expect that the cookie will be set on the browser.  It does get set in konqueror, but not in any other browser that I have access to (mozilla running in both linux and windows, and ie)

Actual result:
--------------
It never appears when I try to set the cookie_domain.  If I don't set it, the cookie appears normally.  Additionally, I can turn on the feature in mozilla to ask whether or not to accept each cookie it receives, I never even get the question when the domain is set.  Note that the behavior is the same if I set the cookie_domain to the hostname as well.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2003-11-21 21:43 UTC] sniper@php.net
Try removing the prepended dot in the domain:

$cookie_domain = 'my.sub.domain';

 [2003-11-21 22:10 UTC] dmachi at vt dot edu
I have tried both.  I should have mentioned this in the previous submission, sorry.
 [2003-11-25 15:52 UTC] iliaa@php.net
Some browsers reject cookies with a domain specified due to some mismatches between the domain & the actual server. Are you absolutely certain that you are setting the correct domain?

You should also check if the cookie is being sent, if it is, then it's not a php issue.
 [2003-12-01 03:15 UTC] sniper@php.net
No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Open". Thank you.


 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Mon Dec 30 14:01:28 2024 UTC