Set cookies in another domain using curl

Question

Set cookies in another domain using curl

Can I use curl or other means to set a cookie in another domain? I have access to a php file on another domain that can set a cookie, but I don't know how to access this php file using curl, and then set a cookie.

+4

php curl cookies

jdeans Apr 20 '10 at 0:24

source share

2 answers

Mitch dempsey · Answer 1 · 2010-04-20T00:29:27+0000

You can use cURL to get a cookie ID from another domain, and then use it inside your program, but if you mean to set cookies in your browser - no, you cannot, cookies can only be set for the domain in which they were generated.

alex · Answer 2 · 2010-04-20T00:56:57+0000

If you are trying to set a way to automatically log in (or similar) to the second site, and you manage this site, you really only have one option (maybe I don’t know more).

Create nonce and save to db
Associate the current date / time and user agent with it
Attach it to the link to the second site via GET

Now that the second site receives an inbound link with this GET parameter, it should

Check if exists
Verify that the user agent has not changed
Make sure that the time between created and requested was not too long (I go with 10 minutes).
Remove nonce

Be warned

This session can be captured, for example, by some person in the middle. But the person who captures him must do all this.

View outgoing nonce
Copy it and go to the site before .
Enter the same user agent string

Remember this.

You can also check if the IP is permanent, but this can cause some people to not be authenticated if their IP address changes, and this will not help multiple users to use the same external IP address.

Set cookies in another domain using curl

Be warned

More articles: