Am Sonntag, den 29.08.2010, 13:38 +0200 schrieb "Chris Young" <[email protected]>: > Cookies are valid for the domain they set and all subdomains below. > A cookie set for amigaworld.net will be served to amigaworld.net, > www.amigaworld.net, some.other.subdomain.amigaworld.net etc.
That would mean: a cookie from user1.mydomain.net can also be read by user2.mydomain.net ??? > The domain is set as specified by the site, not the browser (although > most browsers AFAIK will block cookies which specify a domain other > than the one setting it, not sure if NetSurf does) That would mean a cookie from user1.mydomain.net could also overwrite the cookie set by user2.mydomain.net or any other domain ,just because the HTTP header says to do that? Please tell me what's wrong with my expectations... Greets, Ole
