cookies
What is the best way to find out why a set cookie isnt working? a request sets a cookie for a full domain .google.com for example, but it doesnt get sent on subsequent requests for a subdomain. is there any logging or error message in firefox to figure out why some cookies work and and some dont? when i look in the application tab i dont see the cookie either.
All Replies (3)
If clearing cookies didn't help then it is possible that the cookies.sqlite file that stores the cookies got corrupted.
Rename (or delete) cookies.sqlite (cookies.sqlite.old) and delete other present cookies files like cookies.sqlite-journal in the Firefox profile folder in case the file cookies.sqlite got corrupted. http://kb.mozillazine.org/Cookies
You are asking about browser behavior that is very strange. I have studied this matter rather deeply and found the explanations provided do not fully correspond with what happens. Specifically, browsers do not always submit cookies even when the cookies are in the browser. I believe this fact is not well-known among web developers.
I am going to start by explaining how cookies work in general.
Cookies are name->value pairs stored in a browser. They are put into browser by webservers. To see the cookies stored by a FireFox for the url of the page you are viewing, open the inspector, by hitting CTRL-ALT together then hitting the i key. Another way to open the inspector is to click Tools in the FireFox menu, the select "Web Developer->Inspector" Here is the inspector showing cookies in my FireFox for this webpage:
For full size image, right click on the image, select "View Image".
According to all the documentation I have ever seen, when navigating to a webpage, any cookies associated with the url are sent to the webserver by the browser as part of the request for the webpage. To see the cookies sent to the browser, open the Inspector, select the Network tab, reload the page, then select the headers subtab. Here is what that looks like:
For full size image, right click on the image, select "View Image".
The effect of cookies is entirely up to the webserver. The webserver can display the cookies, ignore them, or use them to lookup data it has saved based on the value of the cookie. This Link displays cookies. You will have to click a link on that page to see the cookies. Notice the link on that web page has the exact same url as the link above.
I just discovered cookie behavior I do not understand, but which might relate to your question. Clicking the link to the cookie display above does not display cookies in my browser. Since no cookies are seen by the webserver, a link is displayed to click to see cookies. Clicking that link shows the cookies. The odd thing is the URL of that final link is the same as the url provided above. For some reason, clicking the link from this page does not send the cookies, whereas clicking a link with the exact same url from the target page gets the cookies from the browser to the web server.
Alternatively, pasting the link into the address bar, then hitting enter to bring up the page will display cookies. Here is the link, same as the link used above where it says "this link": legacy-systems.biz/longview2500/external_support/moxnix/cookies/cookies.php
For any webpage, you can use the network tab in the inspector see whether cookies are submitted by the browser to the webserver. Here is what inspector shows when clicking the link above. Here, cookies are not submitted:
For full size image, right click on the image, select "View Image".
Here, the cookies are submitted: For full size image, right click on the image, select "View Image".
The program displaying those cookies is viewable at this link .
If you are programming the web server, you can use the cookie values in the programs any way other values are used. If you are not programming the web server, there is not much you can do to influence what happens with cookies.
The web server can log errors, but you cannot see them unless you have permissions to access the logs on the webserver, which as a rule, are not public. The browser will not log errors for cookies, because from its point of view, there are no errors with cookies.
Please do not hesitate to let me know of questions or comments you might have. It will be my pleasure to provide any assistance I can.
Gewysig op
dan4 said
a request sets a cookie for a full domain .google.com for example, but it doesnt get sent on subsequent requests for a subdomain.
I assume this is just an example and you don't work at Google. ;-)
According to this article:
TheDomain
attribute specifies which hosts are allowed to receive the cookie. If unspecified, it defaults to the same origin that set the cookie, excluding subdomains. IfDomain
is specified, then subdomains are always included. Therefore, specifyingDomain
is less restrictive than omitting it. However, it can be helpful when subdomains need to share information about a user. For example, ifDomain=mozilla.org
is set, then cookies are available on subdomains likedeveloper.mozilla.org
.
From: https://developer.mozilla.org/docs/Web/HTTP/Cookies#Define_where_cookies_are_sent
This example does not use the leading . on the domain (i.e., it uses mozilla.org and not .mozilla.org), in case that makes any difference.
Demo page in PHP (seems to be working): https://jeffersonscher.com/res/cookdom.php