[support] Session Cookies and subdomains

Earnie Boyd earnie at users.sourceforge.net
Fri Aug 22 12:27:29 UTC 2008


Quoting Daniel Carrera <daniel.carrera at zmsl.com>:

> Hello,
>
> Drupal seems to keep a different set of cookies for each subdomain. For
> example, it is possible to be logged in as User_1 in http://foo.org and
> at the same time, on the same browser, to be logged in as User_2 in
> http://www.foo.org
>
> I figure that this is because Drupal's cookies are different for foo.org
> and www.foo.org
>
> I've had complaints from users that they log in as one user and
> magically they appear as a different user. I'm thinking that perhaps
> this url/cookie issue is the root problem.
>
> Is there a way to tell Drupal to use a single set of cookies for all
> domains? If I recall correctly, if you set the cookie domain to .foo.org
> (notice the '.' at the beginning) the cookie will apply to all domains.
> Does anyone know where I might set this?
>

The fix is easy:  1) settings.php
2) search for $cookie_domain
3) edit the line to set it to the domain you desire, e.g. www.foo.org.

Earnie -- http://for-my-kids.com/
-- http://give-me-an-offer.com/



More information about the support mailing list