[thelist] someone else's cookies?

Warden, Matt mwarden at odyssey-design.com
Mon Oct 16 14:23:58 CDT 2000


You didn't give a URL and the one in your siggy didn't show any SITESERVER
cookies that I could find, but...

> SITESERVER=ID=and what is presumably a session id string
> RMID=presumably a session id string
>
> I thought browers would only return cookies which are set by that
particular
> domain, but as far as I know we aren't setting them. It could be something
> our hosting company has set up, but then why doesn't everyone get them.
And
> isn't SITESERVER=ID= a microsoft thing?

It has to do with the server, and Site Server is a Microsoft thing. But, I
can't say for a 100% certainty that MS didn't come out with a non-Win32
version. However, I suspect that you have banner ads on this site and/or
images that are located on other servers. When a browser reads:

<img ... src="http://myotherserver.com/myimg.gif" ...>

the browser makes a request to myotherserver.com for the file myimg.gif.
It's possible that the server on myotherserver.com is set up to set cookies
on any file, not just "web documents".

> I don't mind them, but it doesn't fit in with how I thought cookies
worked.
> Does anyone know where these are coming from?

Another server can set a cookie while visiting a page from another domain,
but the domain of that cookie must be the domain of the other server (I
believe). This is because the other server knows nothing about what page
you're on, only that you've requested myimg.gif. You could have typed
http://myotherserver.com/myimg.gif in the browser window.

hth,

--
mattwarden
mattwarden.com





More information about the thelist mailing list