Host-only

In this lesson, we'll study host-only cookies.


When a server does not include a Domain directive, the cookie is considered host-only, meaning that its validity is restricted to the current domain only.

This is a sort of default behavior in browsers when they receive a cookie that does not have a Domain set. You can find a small example I wrote at github.com/odino/wasec/tree/master/cookies. It’s a simple web app that sets cookies based on URL ...
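To make the host-only rule concrete, here is an added example (not code from the wasec repository) that models how a browser stores and later matches a cookie under RFC 6265, with and without a Domain directive. The function names and the `example.com` hostnames are assumptions made for illustration; public-suffix and IP-address checks are left out.

```javascript
// Added example: models RFC 6265 storage (5.3) and retrieval (5.4) rules.
// Hostnames and cookie values below are constructed sample data.

// RFC 6265 5.1.3 domain-match: identical, or host ends with "." + domain.
function domainMatches(host, domain) {
  return host === domain || host.endsWith("." + domain);
}

// Parse one Set-Cookie header received from `requestHost`.
// Returns the stored cookie, or null if the Domain attribute is rejected.
function storeCookie(setCookie, requestHost) {
  const [pair, ...attrs] = setCookie.split(";").map((s) => s.trim());
  const eq = pair.indexOf("=");
  const cookie = { name: pair.slice(0, eq), value: pair.slice(eq + 1) };
  const host = requestHost.toLowerCase();
  let domainAttr = "";
  for (const attr of attrs) {
    const [k, v = ""] = attr.split("=");
    if (k.trim().toLowerCase() === "domain") {
      // A leading dot is ignored; the last Domain attribute wins.
      domainAttr = v.trim().toLowerCase().replace(/^\./, "");
    }
  }
  if (domainAttr === "") {
    // No Domain directive: host-only, bound to the exact host that set it.
    return { ...cookie, domain: host, hostOnly: true };
  }
  // A server may only set Domain to its own host or a parent of it.
  if (!domainMatches(host, domainAttr)) return null;
  return { ...cookie, domain: domainAttr, hostOnly: false };
}

// Should the browser attach `cookie` to a request for `requestHost`?
function shouldSend(cookie, requestHost) {
  const host = requestHost.toLowerCase();
  return cookie.hostOnly
    ? host === cookie.domain
    : domainMatches(host, cookie.domain);
}

const hostOnly = storeCookie("session=abc123", "example.com");
const domainWide = storeCookie("session=abc123; Domain=example.com", "example.com");
for (const host of ["example.com", "app.example.com", "example.org"]) {
  console.log(host, "| host-only sent:", shouldSend(hostOnly, host),
    "| Domain=example.com sent:", shouldSend(domainWide, host));
}
```

The host-only cookie is attached only to requests for `example.com`, while the copy set with `Domain=example.com` is also sent to `app.example.com`, which is why omitting Domain is the narrower choice for session cookies.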