couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew Spode Miller (JIRA)" <j...@apache.org>
Subject [jira] [Created] (COUCHDB-1959) Cookie Domain Setting
Date Thu, 12 Dec 2013 14:24:06 GMT
Andrew Spode Miller created COUCHDB-1959:
--------------------------------------------

             Summary: Cookie Domain Setting
                 Key: COUCHDB-1959
                 URL: https://issues.apache.org/jira/browse/COUCHDB-1959
             Project: CouchDB
          Issue Type: Improvement
          Components: HTTP Interface
            Reporter: Andrew Spode Miller


When using cookies for authentication, there is no "domain" set for the cookie.

This is fine - because this will default the cookie to the domain you accessed it from.

However, if you want to, for example, login to auth.domain.com and then access 1.domain.com,
2.domain.com - your authentication won't be valid as the cookie domain will be auth.domain.com

I'd like to see an option in local.ini to turn on a wildcard cookie. This would set the domain
to ".domain.com" which would allow the cookie to work across subdomains. This would default
to off and only affect people who want this specific use. 



--
This message was sent by Atlassian JIRA
(v6.1.4#6159)

Mime
View raw message