php cross domain cookie - except static subdomain

Question

I have a website with n number of sub-domains, and one reserved for static content. I need to set up a cookie across all sub-domains except the static sub-domain. My home-page is on a sub-domain-less (domain.lk) manner. It is possible to route it to www.domain.com if necessory

It is more important to keep the static sub-domain cookie free.

I have tried the following line of code before reading cookies

ini_set('session.cookie_domain', 'domain.lk');

and

ini_set('session.cookie_domain', 'www.domain.lk');

That line was present only on dynamic sub-domains. But it didn't work. Cookie was not accessible from different sub-domains.

My static sub-domain is hard coded in to many contents (database records), therefor changing that is not a good option.

Answer 1

There's no means of setting a domain level cookie and making it not visible on given sub-domain. (You will however need to prefix the domain with a period as such...)

ini_set('session.cookie_domain', '.domain.lk');

However, if the static domain doesn't require cookies (or indeed presumably the existence of PHP at all), the fact that this cookie doesn't exist shouldn't be an issue.

That said, you should be able to overcome this using the mod_headers Apache module on the given sub-domain (so that it's not transmitted to the browser client) via...

RequestHeader unset Set-Cookie