I've always known that you can specify a domain when you set a cookie, and for kicks I experimented with a test page setting a cookie for the yahoo.com. Seems to me that browsers wouldn't allow this as it could create any number of security problems.
This is why the specification mentions, "Only hosts within the specified domain can set a cookie for a domain."
Question: why didn't this work, is it supposed to work the way I was trying, and if not, then what is that domain variable there for?
It allows you to specify the domain for which the cookie is valid. When a browser makes a request, it checks for cookies to be included in the Cookie header. Only those that meet the requirements (domain, path, expiry, etc.) are included.
Hope that helps.
Chris
-- Chris Shiflett Brain Bulb, The PHP Consultancy http://brainbulb.com/
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
