adam0101 adam0101 - 1 year ago 71
HTTP Question

Share cookie between subdomain and domain

I have two questions. I understand that if I specify the domain as
(with the leading dot) in the cookie that all subdomains can share a cookie.

access a cookie created in
(without the "www" subdomain)?

(without the
subdomain) access the cookie if created in

Answer Source

The 2 domains and can only share cookies if the domain is explicitly named in the Set-Cookie header. Otherwise, the scope of the cookie is restricted to the request host.

For instance, if you sent the following header from

Set-Cookie: name=value

Then the cookie won't be sent for requests to However if you use the following, it will be usable on both domains:

Set-Cookie: name=value;

In RFC 2109, a domain without a leading dot meant that it could not be used on subdomains, and only a leading dot ( would allow it to be used across subdomains.

However, modern browsers respect the newer specification RFC 6265, and will ignore any leading dot, meaning you can use the cookie on subdomains as well as the top-level domain.

In summary, if you set a cookie like the second example above from, it would be accessible by, and vice versa.

See also: www vs no-www and cookies, this test script