Sign in

Why can cookies coexist in different primary domains

hank edited in Wed, 12 Oct 2022

https://segmentfault.com Why does domain name appear under domain name baidu.com As for the cookie, should the settings of the cookie not cross the primary domain? How is this achieved

2 Replies
commented on Wed, 12 Oct 2022

Cookie can not cross domain, but this means that the current page can only read the cookie of the domain where the page is located (i.e document.cookie )The second is that the browser carries the cookie in the request header when sending the request. The domain of the request will only carry the cookie corresponding to the domain.

But no one said that I can only request resources in the same domain as this page in a page.

segmentfault.com Page implanted in a Baidu advertising, the page will give baidu.com Send a request. If the response result contains a set cookie or a JS is writing a cookie, naturally there will not be one baidu.com You've got your cookie.

Otherwise how to do advertising tracking, Baidu and the like do not live on this.

commented on Wed, 12 Oct 2022

Several domain names can be seen under the cookie of application, which indicates that other iframes are embedded in the page. If you can see other cookies under a domain name, it's also normal, because the source can be the website you are visiting or the service used by the website. As long as you make a request to other domains and other domains support cross domain, then the cookies of other domains can be set to the current domain name. Here are two recommended articles, one is chrome's official explanation of cookies, the other is chrome's official explanation of cookies It's about how cookies can be accessed across domains

https://www.digitalcitizen.li...https :// blog.csdn.net/whzhaoc ...