[FIXED] When people say "subdomain" do they mean VHosts with similar names, or mod_rewrite mappings?

Issue

I'm trying to set a cookie for use across different virtual hosts. Something similar to this has been asked multiple times here:

Cookies in subdomain doesnt work

how to access cookies on subdomain

Cookies And Subdomain

Setting cookies on domain/subdomain

cross subdomain login with cookies

Cookies and subdomains

They all mention a 'subdomain' but none describe what that is. If I have 2 Apache VHosts like so:

<VirtualHost *:80>
ServerName example.com
DocumentRoot /var/www/
...
</VirtualHost>

<VirtualHost *:80>
ServerName home.example.com
DocumentRoot /var/www/home/
...
</VirtualHost>

If I log the user in at example.com and set the --and make sure to say the next word in a deep cookie monster voice-- cookie like so

setcookie( 'id', '1234', time()+24*3600, '/', '.example.com' );

Can I get id at home.example.com like so:

RewriteCond %{HTTP_COOKIE} \bid=[0-9]+\b

Or do these cross domain cookies only work when the subdomains are set up entirely within a single virtual host (presumably with mod_rewrite)

Solution

It's entirely based on the domain name. The same-origin check doesn't care about the underlying IP.

home.example.com could be:

1. The same as example.com
2. Different
3. Your local box
4. A subdomain set up by an attacker using DNS forgery.

It doesn't matter. It's still a subdomain.

Answered By - Matthew Flaschen