Why does cfcookie not allow setting domain = to a subdomain for CFID / CFTOKEN?

Question

Why does cfcookie not allow setting domain = to a subdomain for CFID / CFTOKEN?

<cfcookie name="CFID" value="#session.cfid#" domain=".demo.labs.dev">

gives:

Set-Cookie: CFID = 4215; Domain = .labs.dev; Expires = Sat, 04-Jul-2043 01:43:49 GMT; Path = /; HttpOnly

But if I directly use <cfheader> :

 <cfheader name="Set-Cookie" value="CFID=4212; Domain=.demo.labs.dev; Expires=Sat, 04-Jul-2043 01:37:03 GMT; Path=/; HttpOnly">

gives:

Set-Cookie: CFID = 4212; Domain = .demo.labs.dev; Expires = Sat, 04-Jul-2043 01:37:03 GMT; Path = /; HttpOnly

And this is really what I want.

Why is <cfcookie> behaving like this? The current <cfheader> will use <cfheader> .

+6

coldfusion cookies

Henry Jul 11 '13 at 1:47

source share

2 answers

You reproduced this error with a host . in domain value? According to CF8 , CF9 and CF10 docs, the value of the domain attribute Must start with a period. .

+1

Alex Jul 11 '13 at 13:23

source share

Henry · Accepted Answer · 2015-02-28T02:42:33+0000

Apparently it's fixed now ...

https://bugbase.adobe.com/index.cfm?event=bug&id=3593673

Why does cfcookie not allow setting domain = to a subdomain for CFID / CFTOKEN?

More articles: