Two domains, one site, one SSL checkout. How to get cookies?

Question

There is a multilingual web shop, visitors can access from two domains, with different language:
hxxp://x.com - English
hxxp://x.ru - Russian, which is an add-on domain to x.com.

The authentication and cart pages are here, through SSL: https://x.com/index.php?mode=login

How can I use the cookie informations of x.ru on hxxps://x.com? And is it ok to redirect the visitors of x.ru to hxxps://x.com for authentication, and after that, redirect back to x.ru?

thank you.

Answer 1

If you look any Google auth page it's redirect you to a SSL login page then returns to a simple http one. So i think this will be fine.

IMO you can store cookie informations in a database with a unique token then check this data against stored cookies/session variables.

Answer 2

This cannot be done precisely as you want. x.com and x.ru are different sites; if they could share cookie data, x.ru and gmail.com could also. That would be bad.

See Cross domain cookie access (or session) .

I believe you can set a third-party cookie for x.ru from x.com, but third-party cookies are often blocked by users' browers (for good reason).