How to set cookies in Magento for WWW domain
https://magento.stackexchange.com/questions/325403
-
15-04-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I'm trying to make sure I have set the Cookie Domain correctly. I have my website set up for https://www.example.com. I have the Cookie Domain right now set like this: .example.com When I look at the cookies in Chrome I see cookies like .www.example.com (from _ga I think that is Google Analytics), and some like this, www.example.com (from cookies_lhc.js, that is from my Live Help Chat), and some like this: .example.com from "frontend". The way I understand it, is that the "dot" stands for subdomains and www is considered a subdomain. I read elsewhere that I need to set the cookies like this: .www.example.com but that seems strange as any subdomains would be sub.www.example.com, but subdomains would really be like www.sub.example.com ...correct?
When I set the cookies like wwww.example.com without the dot I can't log in Magento admin. But I don't understand why Google adds cookies .wwww.example.com It looks like all these cookies need to be the same. I seems to work the way I have it but I don't have any subdomains set up yet (I have to upgrade my hosting for that, but soon). I don't know if there are long term ramifications to getting this wrong, there isn't really much information I can find on it. So should it be
www.example.com, .example.com, or .www.example.com
Do all the cookies need to match?
Solution
No, they don't need to match.
The cookie domain defined, where the browser sends the cookies to:
- www.domain.com means the cookie is only sent to www.domain.com
- .domain.com sends the cookie to domain.com (I think) and every suddomain, so you can exchange informations between different subdomains/servers
OTHER TIPS
To provide a little update
According to MDN:
Contrary to earlier specifications, leading dots in domain names are ignored, but browsers may decline to set the cookie containing such dots. If a domain is specified, subdomains are always included.
https://developer.mozilla.org/en-US/docs/Web/API/Document/cookie#new-cookie_domain
So in conclusion, leading dot should be omitted, and subdomains will always be included.
e.g. example.com
