 |
 |
|
|
||
Multi-domain cookies are an illusion. But you can have workable simulations. You are probably aware of the fact that cookies set by one domain can't be read by another. It's a privacy feature, and a good one. When a domain sets a cookie on your browser, only that domain can read it. And the webmaster of the domain is relatively certain that no other domain can read the cookie set on the visitor's browser. ("Relatively certain" because some browser's security features seem to be compromised with alarming frequency.) If you have more than one domain, the domain restriction can seem to be a barrier to what might be considered legitimate and ethical use of cookies. Two examples of such uses might be:
The basic technique is the same for both of the above. But the implementation differs. Basically, you decide which of your domains will be the "cookie handler domain." Cookies set and read for the above purposes are done by a script on your cookie handler domain. For the popup functionality like the above example, the script on the cookie handler domain is called with JavaScript code. The script checks for the presence of a specific cookie. If not found, the script sends a popup launching JavaScript function to the browser. If found, the script sends an empty function, instead. For the tracking functionality, the script on the cookie handler domain is called with an image tag. The script updates the tracking database, reading and setting cookies as required, and then sends an image to the browser. Note that this technique uses what is called "third-party cookies." That is, the cookies are read and set on a domain other than what's in the browser's address bar. The system is not infallible. Some browsers can be set to ignore third party cookies. Others, such IE6, can be set to require a privacy policy of a specific format before accepting third party cookies. The publisher of IE6 provides a guide for web site owners to make an acceptable privacy policy. It is "How to Deploy P3P Privacy Policies on Your Web Site" at http://willmaster.com/a/12/pl.pl?129artie6p3p If you're interested, an IE6 Privacy Feature FAQ is at http://willmaster.com/a/12/pl.pl?129artie6faq The Popup Functionality. First: (i) Obtain the script from http://willmaster.com/a/12/pl.pl?129artpuf (ii) Make the modifications per instructions and upload it into the cgi-bin of your cookie handler domain. Next: (i) Change the URL in the following JavaScript to the URL of the script you uploaded in the above paragraph. (ii) Put the JavaScript on your web pages in the HEAD area. <script language="JavaScript" src="http://domain.com/cgi-bin/monitor.cgi"> </script> If your web pages' BODY tags have onLoad or onUnload attributes, those are still required. But your page doesn't need the JavaScript popup function because the script provides it as appropriate. Last: Upload your web pages. The above can be modified to do other tasks that require inserting code or text into a web page, the nature of which change depending on the presence or values of cookies. The Tracking Functionality.
First: (i) Obtain the script from
http://willmaster.com/a/12/pl.pl?129arttrack
Next: (i) Change the URL in the following image tag to
the URL of the script you uploaded in the above paragraph.
<img src="http://domain.com/cgi-bin/monitor.cgi" height="2" width="3" border="0">
Because many browsers are set to cache images, you may wish to append a question mark and a unique string of characters to the URL. So long as each page with this URL has a different string of characters following the URL, most browsers will load the image the first time the page is loaded. Example: <img src="http://domain.com/cgi-bin/monitor.cgi?skdefi332d" height="2" width="3" border="0"> Last: Upload your web pages. The above can be modified to do other server-related tasks, the nature of which change depending on the presence or values of cookies. Now, dear reader, your several domains can function as if you were actually using multi-domain cookies.
By: Will Bontrager Copyright 2002 Bontrager Connection, LLC
| ||