1

It appears that you cannot set cookies inside a cross-domain iframe. How about reading and using them implicitly?

Consider this: domain www.megashop.com uses an iframed page from the superplugin.it. Will the JavaScript on the superplugin.it page be able to do the following:

  1. Perform an AJAX request to superplugin.it and receive cookie from the server?
  2. Keep that cookie (page reloads and the cookie is still there, of course only in an iframe and not on the containing page)?
  3. Make another AJAX request to superplugin.it, sending the cookie along?
  4. Read it into a variable?
  5. Share the cookie with the superplugin.it iframe on another domain, e.g. anothershop.info?

And, if any of the answers are yes, how does it apply to different browsers, including Internet Explorer from the version 8 and up?

Community
  • 1
  • 1
Septagram
  • 9,425
  • 13
  • 50
  • 81
  • That all depends on the browser and the user’s individual privacy settings. (Expect for question #5, cookies are never “shared” between different domains.) – CBroe Jan 22 '14 at 13:20
  • @CBroe, part of the question is: *how exactly* does it depend on the browser? – Septagram Jan 22 '14 at 16:05

0 Answers0