I am having a problem similar to the one in this thread:
Basically I have an ASP chat inside an IFRAME. The ASP file is hosted on a different domain than the main website.
When the user logs on, the chat stores a cookie, but since it uses the main domain, the chat doesn't recognise it.
How can I get it to go and check the cookie in the main domain and then go back and verify it with the chat?
Same thing that tbnguyen explained, but i dont know how to do that..
If you want to set it up so that it does protect in some form using the cookies, then have it redirect to another page within the domain first, check against the cookie in that domain, then redirect to the other site. Since you are already using SSL, pass in a hidden variable and set the next domain cookie to the hidden value and you can continue on that site from there, if not, then the value should always be cleared.
I'm sure there are better ideas but I would set a cookie on the other domain as the user is logging in on the main domain. Have it call a page on the other domain with a 0 pixel image that sets the cookie information in that domain too.
I think if you do this, you will have to set up a P3P policy though.
Last edited by keithslater; 04-29-2005 at 02:56 PM.
I have no idea how to do that.. i wonder if I put the code if you could help me. It would be much appreciated!!
'/// Get Nick Name
if nick<>"" then
if xlaSBnick="" then
formproperties="action=bottomframe.asp onsubmit='return validatenick();'"
formproperties="action=receiveframe.asp target=xlaSBreceive onsubmit='return shout();'"