wget and cookies.txt — domain.tld vs. .domain.tld

1

1

I'm baking a cookies.txt file for use with some wget scripts and can't find a lot of detailed information. Currently, I'm trying to determine the difference between "domain.tld"-style cookies and ".domain.tld"-style cookies (with and without leading dot).

I've pulled a bunch of cookies from Firefox's database and there doesn't seem to be any consistency, even within the same domain. For example, this very site sets a cookie named "user" for the domain "superuser.com" and another called "__qca" for the domain "**.**superuser.com".

What is the significance of the leading dot? Is it perhaps related to the "can be read by other machines at the same domain" column in cookies.txt?

Ben Blank

Posted 2009-07-28T18:48:16.497

Reputation: 824

Answers

3

If it is set as ".superuser.com", then "foo.superuser.com" will get the cookie, but if it is set as "superuser.com" then "foo.superuser.com" does not get it.

You can read all the gory details of this in RFC 2109

richq

Posted 2009-07-28T18:48:16.497

Reputation: 1 130

I think I see where I was confused; I was focused on the "domains must start with a dot" part of the spec, but if the ";domain=" part of the Set-Cookie header is left off completely, you get a no-leading-dot hostname. Thanks! – Ben Blank – 2009-07-29T00:24:51.427

Asked: 2009-07-28T18:48:16.497

Viewed: 1 526 times

Active: 2009-07-28T20:34:05.270