cookie
Cross-subdomain Cookies on Different Servers
So, I have two servers, each on a different subdomain of the same domain. We needed to send data from one to the other. Cookies seemed like the logical method, but the data that we needed to pass was actually coming from the second server. The solution I'm going to demonstrate uses an HTML image tag to invoke and retrieve data from the remote server. I've seen this solution before, never needing to try it for myself, but it's actually pretty handy (even though I find it a bit too hacky for my liking).
We will assume that our domain is domain.com with subdomains one and two.
Let's start with the image tag code of the first server:
Extremely basic. Just a URL leading to the remote PHP script. Now for the code in the file to which the image tag points.
In case you are not familiar with PHP's setcookie() function, have a look at the last variable being passed: ".domain.com". Note the dot before the word "domain". This allows the cookie to be set and used by any subdomain on that domain. Had there not been a dot there, only the root of the domain would have been able to access the cookie.
Once the image tag is placed somewhere in the files which will be accessed by visitors on server 'one,' the cookie will be set once the page loads (loading the image tag along with everything else). After all of this has happened and the cookie is set, it can then be accessed from either server. On a side note, the "display: none;" portion of the image tag is necessary so the tag won't render a broken image on the page.
One last point. In my example, I sent GET data directly to the target script and set it in a cookie without ANY validation. This is an extremely bad idea in a real world scenario. Sanitization is recommended at the very least. With that said, the resulting cookie in my example would have a value of "yoink!" since that's what we sent the script in the image tag's query string.