Cookies - set across multiple domains

后端未结

关注

 5  1694

梦如初夏 2021-02-01 22:01

My company has a setup as follows:

subdomain1.domain1.com
subdomain2.domain1.com
subdomain3.domain1.com
subdomain4.domain1.com

5条回答

感动是毒 (楼主)

2021-02-01 22:39
Include a script tag from domain2 that sets the cookie using a username and hashed password:
You can then check to ensure that the hashed passwords match (one way).

Key points:
1. Make the hashes in the URL time sensitive by appending a timestamp that will be agreed upon by the server (for example, 16:00, 16:10, etc) before hashing the string. If you're using HTTPS this is less of an issue.
2. If your passwords are already hashed, it wont hurt to double-hash the passwords assuming the salts are the same on both servers.
Sample PHP code:

src:
dest:
0 讨论(0) 查看其它5个回答发布评论: 提交评论加载中...