php setcookie domain

Nathan H picture Nathan H · Feb 17, 2010 · Viewed 50.5k times · Source

Some application, not written by me, and not in PHP, creates a cookie for the domain "www.domain.com".

I am trying to replace that cookie. So in php I did:

setcookie('mycookie','mydata',time() + 2*7*24*60*60,'/','www.domain.com', false);

However the resulting cookie is created for domain: ".www.domain.com", note the dot "." ahead of the domain.

So it doesn't replace it, it creates another cookie. What can I do?

Answer

Select0r picture Select0r · Feb 18, 2010

The issue is also adressed here: https://www.php.net/manual/en/function.setcookie.php

See comment by jah:

If you want to restrict the cookie to a single host, supply the domain parameter as an empty string

You could also try .domain.com as the domain. The trailing dot will allow a cookie for all subdomains for domain.com and could overwrite the www.-cookie, but I'll go with the above solution first.