Details
-
Improvement
-
Status: Closed
-
Major
-
Resolution: Won't Fix
-
None
-
None
-
None
Description
When using cookies for authentication, there is no "domain" set for the cookie.
This is fine - because this will default the cookie to the domain you accessed it from.
However, if you want to, for example, login to auth.domain.com and then access 1.domain.com, 2.domain.com - your authentication won't be valid as the cookie domain will be auth.domain.com
I'd like to see an option in local.ini to turn on a wildcard cookie. This would set the domain to ".domain.com" which would allow the cookie to work across subdomains. This would default to off and only affect people who want this specific use.