Implementing Cross-Domain Cookies

Author:

His solution is web-server implementation-specific, and as a result is no solution for those who use something besides Apache. As well, any solution that requires too many pieces to successfully interact is a fragile solution when it comes to web implementations. Asynchronous foot races tend to develop between all the pieces of the solution that are supposed to be serialized and well-behaved, if for no other reason than the internet infrastructure is not aware of the whole logical framework of the intended interaction ... each router, each server is just busy pushing packets and bytes from many sources to many desinations at any one instant. A more elegant solution would be to pass information between cross-domain apps as an extra header or two that are then stored and referenced by the target app. More than one less-than-honorable user has been known to turn off javascript / java / activex in the middle of a transaction in order to gain some advantage / cause some havoc / evade detection, etc. Then where does your information go ?