[ic] secure server
msquared
msquared@digitalwizards.com.au
Tue, 9 Jan 2001 10:59:51 +0800
On Mon, Jan 08, 2001 at 03:27:37PM -0800, Jason Ballou wrote:
> I've found that when using the newest versions of IE
> and Netscape, the cart contents are dropped when you
> go to the secure server if the domain names do not
> match. No idea why,
That'll be because you can't move cookies from one domain to another. If
the cookie domain is set correctly, though, I think you could do it. Say
your hosts were:
www.shoppingplace.com
secure.shoppingplace.com
If you set your cookie for shoppingplace.com instead of
www.shoppingplace.com, then I *think* secure.shoppingplace.com can also
see it. Anyone care to confirm this?
There is a special case of a cookie exploit that can violate these rules,
however:
http://www.cookiecentral.com/bug/index.shtml
2
Regards, /|/|
/ | (MSquared)
--
___________________________________________
M Squared <msquared@digitalwizards.com.au>
Product development
Digital Wizards
http://www.digitalwizards.com.au