10

I am trying to follow these guidelines to make my page load quicker.

I have created a static subdomain to load static content from, however it is advising me to not have cookies sent on this subdomain, any ideas on how I might be able to do this in Apache/PHP?

I've searched around and come up with nothing yet.

Teun Zengerink
  • 4,277
  • 5
  • 30
  • 32
stukerr
  • 716
  • 3
  • 10
  • 18
  • If you ever need cookies on the parent domain (i.e. probably the bare domain), you have to set the `domain` property to `null`. Otherwise, you might find [`$cookie->setDomain($domain)`](https://github.com/delight-im/PHP-Cookie/blob/004cde69ec840e65c15275e09b92ecb1da06f357/src/Cookie.php#L117) helpful, as found in [this standalone library](https://github.com/delight-im/PHP-Cookie). – caw Sep 21 '16 at 02:32

2 Answers2

6

If you never explicitly set a cookie, cookies won't be present on the server. So, if you are using the second domain simply as a repository for images or CSS files, most likely no cookies are ever set.

Updated from Comments.

If you see a 'Request' cookie header to a subdomain you don't want to have cookies, clear your cookies and see if the server ever sends a cookie header in the Response headers. If it does, it is possible you have session.auto_start enabled, or you have a script that sets cookies.

You can check the Request and Response Headers using something like Firebug with Google Page Speed.

Tyler Carter
  • 60,743
  • 20
  • 130
  • 150
  • Thanks for your help, I think cookies are getting set as the google page speed firebug plugin is identifying css files, images etc. from the static subdomain as having cookies and using that tool I can actually see some data in the cookie field for the file. Is there a way I could check to see if cookies are explicitly set ? Also the data in the cookie looks like it contains data from the main www site, phpsession id's etc. – stukerr Jul 22 '09 at 15:02
  • If you use the 'Net' feature of Firebug, and then manually browse to those pages, you will be able to see the Request/Response headers for those files, which you would be able to see if something sets a cookie. – Tyler Carter Jul 22 '09 at 15:05
  • There appears to be cookie data under the request headers, nothing under the response header though, any ideas ? – stukerr Jul 22 '09 at 15:25
  • If it is only under the request headers, clear your cookies, and then Google Page should no longer give that warning. Basically, you are trying to send cookies to the files, but they aren't trying to set anything. So clear the cookies and then check the response. – Tyler Carter Jul 22 '09 at 15:48
  • Thanks for that, managed to work out it was actually google analytics, so I found out how to restrict that to a domain and it works now, I think this might lead to another question tho, which i'll repost as its in a slightly different area. – stukerr Jul 22 '09 at 17:58
0

You can easily take care of this in PHP. When you set your cookie, the parameter that needs to be set is the domain parameter. Often, this is set to ".domain.com" to make it available on any subdomain. Instead, you might try setting it to "www.domain.com" to restrict it to that domain. Check out the PHP manual's setcookie() documentation.

Brad Gignac
  • 819
  • 4
  • 8