Cookie Across 2 Domains

Question

Hi everybody,

I want to implement a cookie to store the values of the UTMs when a lead hits our website from our paid campaigns. A cookie will help me preserve the value of those utms even if a lead doesn't convert right away. I'll set up all my forms so that when the lead comes back and fills out a form, the hidden fields in my form will pull the data from the cookie and store them in our database.

The problem I'm facing right now is that I have marketo forms embedded in both my corporate website (example.com) and in maketo landing pages (go.example.com) which have different domains. My web team let me know that cookies are domain-specific. So if the cookie is created when a lead visits my website (www.example.com), that cookie won't be readable from a form living in a marketo landing page (go.example.com) and viceversa.

Has any of you faced this situation? How did you solve it?

Thanks in advance for your help!

SanfordWhiteman · Accepted Answer

My web team let me know that cookies are domain-specific.

I hope they also gave their 2 weeks' notice out of shame.

From the standpoint of cookies, www.example.com and go.example.com (and whatever.example.com) are not different domains. Cookies can be shared among websites using those domains without a problem, as long as the cookie is set to the uppermost private level, .example.com.

The domains are different origins, but origins are not used to decide cookie permissions. Cookies have a much more permissive security model. Your team may have been thinking of cross-origin XHR (Ajax) which does use origins.

Cookies cannot be shared across www.example.com and go.example.org. Those do not share a common private domain suffix.

Anonymous · Answer

Thanks for the quick reply, @Sanford Whiteman! This helps, I'll share the details with them -- I do believe they were thinking about XHR.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded