In our application we use cookies for authentication. We use the global cookie manager to set a cookie with the respective domain, for example "server.domain.de". Now, however, I have noticed that this cookie arrives in the chromium as ".server.domain.de", with a dot in front of it. While this basically works for authentication, there are problems if this cookie is to be overwritten by the web server. If the web server wants to overwrite the cookie, it does not use a dot. This ultimately gives us two cookies with the same name, which results in authentication errors.
My question now: How can I configure the Global Cookie Manager not to place a dot in front of the domain?
I pass this data to the cookie manager:
url = "https://server.domain.de/some/path"
name = "AuthSessionId"
value = "..."
domain = "server.domain.de"
path = "/"
secure = true (also tried with false)
httponly = true (also tried with false)
creation = (Now)
last_access = (Now)
has_expires = false
expires = (not set)
Also tried it with expire date:
has_expires = true
expires = (Now + 2 days)
I'm using the Delphi implementation CEF4Delphi for using chromium embedded framework. CEF4Delphi passes the domain correctly to the global cookie manager.