
As a follow-up to the Related Domain Cookie Attack question, I'd like to see if there are any servers that are able to detect instances where multiple cookies are sent from multiple domains.

In other words, what combinations of client software and server software can detect when multiple cookies have been issued for multiple domains?

makerofthings7

2 Answers


It is impossible for the server to determine where a cookie originated from, and if an application is designed properly the origin of a cookie should not be a concern. Based on the Same Origin Policy for cookies:

www.foo.bar.example.com may set a cookie to be sent to *.bar.example.com or *.example.com, but not to *.something.else.example.com or *.com

Using this simple rule, the problem of an attacker setting a cookie on a related domain can be avoided entirely.

rook

The cookies sent by User-Agents with each HTTP request only contain name-value pairs, and as such it's not possible to determine their origin from a single HTTP request to a server.

The only way of detecting different cookies (I can think of) is passing the user through various redirects at various subdomains and paths, and checking (and recording) what cookies each redirect endpoint can see.

Joel L
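As an added example (not code from either answer above), the following JavaScript models two things the thread discusses: the cookie domain-scoping rule rook quotes (which Domain attribute a response from a given host may set, per RFC 6265 domain matching), and the redirect-probe technique Joel L describes for telling apart two cookies that share a name but were issued under different scopes. The hostnames, the cookie jar and the small PUBLIC_SUFFIXES set standing in for the browser's Public Suffix List are constructed assumptions for the illustration.

```javascript
// Added example, not part of the original thread. Models RFC 6265 cookie
// scoping to show (a) which Domain values a host may set and (b) why a
// server cannot see a cookie's origin on the wire, but a chain of probe
// endpoints on different subdomains/paths can reveal its scope.

// RFC 6265 5.1.3 domain-match: host equals the domain, or host ends with
// "." + domain and host is not an IPv4 address.
function domainMatches(host, domain) {
  host = host.toLowerCase();
  domain = domain.toLowerCase().replace(/^\./, "");
  if (host === domain) return true;
  return host.endsWith("." + domain) && !/^\d+(\.\d+){3}$/.test(host);
}

// May a response from `host` set a cookie with Domain=`domain`?
// This is the rule as stated in the answer: Domain must be a suffix that
// covers the host. Browsers additionally refuse public suffixes ("com",
// "co.uk", ...) via the Public Suffix List; PUBLIC_SUFFIXES is an
// assumed, hard-coded stand-in for that list.
const PUBLIC_SUFFIXES = new Set(["com", "net", "org", "co.uk"]);
function canSetDomain(host, domain) {
  const d = domain.toLowerCase().replace(/^\./, "");
  if (PUBLIC_SUFFIXES.has(d)) return false;
  return domainMatches(host, d);
}

// RFC 6265 5.1.4 path-match.
function pathMatches(requestPath, cookiePath) {
  if (requestPath === cookiePath) return true;
  if (!requestPath.startsWith(cookiePath)) return false;
  return cookiePath.endsWith("/") || requestPath[cookiePath.length] === "/";
}

// Jar entries: {name, value, domain, hostOnly, path}.
// Returns the name=value pairs a request to host+path would carry. Note
// that only name/value survives: the domain/path scope never reaches the
// server, which is why it cannot tell where a cookie came from.
function cookiesFor(jar, host, path) {
  return jar
    .filter(c => c.hostOnly ? host.toLowerCase() === c.domain.toLowerCase()
                            : domainMatches(host, c.domain))
    .filter(c => pathMatches(path, c.path))
    .map(c => `${c.name}=${c.value}`);
}

// Redirect-probe technique: bounce the user through several endpoints and
// record, per name=value pair, which endpoints observed it. A pair seen at
// a single host is host-only there; one seen across sibling hosts was set
// with a Domain attribute on a shared suffix.
function probeScopes(jar, endpoints) {
  const seen = new Map();
  for (const [host, path] of endpoints) {
    for (const pair of cookiesFor(jar, host, path)) {
      if (!seen.has(pair)) seen.set(pair, []);
      seen.get(pair).push(`${host}${path}`);
    }
  }
  return Object.fromEntries(seen);
}

// Constructed scenario (assumed hostnames): the app at www.example.com sets
// a host-only "session" cookie; an attacker on a related domain plants a
// second "session" cookie with Domain=example.com.
const jar = [
  { name: "session", value: "legit",   domain: "www.example.com", hostOnly: true,  path: "/" },
  { name: "session", value: "planted", domain: "example.com",     hostOnly: false, path: "/" },
];
const probes = [
  ["www.example.com",   "/probe"],
  ["api.example.com",   "/probe"],
  ["other.example.com", "/probe/deep"],
];

console.log("www.example.com sees:", cookiesFor(jar, "www.example.com", "/"));
console.log("probe results:", probeScopes(jar, probes));
```

Running it shows the server at www.example.com receiving two indistinguishable `session=` pairs, while the probe chain reports `session=legit` only at www.example.com and `session=planted` at every endpoint, which is exactly the signal Joel L's redirect approach relies on.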