• 0

[PHP/Javascrip]Delete cookie set by another domain


Question

I need to be able to use a script on "http://www.domain1.com" that will delete a cookie stored on your computer that was set by "http://www.domain2.com".

I've tried using the following in php:

setcookie ("cookiename","", time()-3600,"/main/","http://www.domain2.com");

but it isnt working. I guess it wont let me delete it from a different site, even though i told it the site it was coming from.

Please help!

8 answers to this question

Recommended Posts

  • 0
  LAD said:
That would be a security risk if it allows you to do that. You can't do it.

585713181[/snapback]

Okay...hmm...

Then is it possible to delete all the cookies that are stored on your computer using a javascript or php script?

  • 0
  LAD said:
Nope, again, that would be a BIG security risk. Imagine I'm setting up a page that would delete all of the cookies from Amazon on your computer. You can only modify/delete cookies from the same domain that was used to create them.

585713202[/snapback]

what is the security risk? You can manually delete cookies from your browser, what is the difference with the script?

  • 0
  kingpuka said:
what is the security risk? You can manually delete cookies from your browser, what is the difference with the script?

585713240[/snapback]

well if you can delete a cookie that was set by other domain, then you can modify the cookie, that the other domain sets. So your website can get information about the person.. Like e-mails address, username, passwords, etc..

  • 0
  gerry.74 said:
well if you can delete a cookie that was set by other domain, then you can modify the cookie, that the other domain sets. So your website can get information about the person.. Like e-mails address, username, passwords, etc..

585713349[/snapback]

ah, but you can view that stuff from your browser. (at least in firefox).

Is there a way to clear all the cookies on your computer, using a script of some sort. I don't want to view any of them, just have a button that when clicked will clear all the cookies stored on your computer.

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • Ah .. lockout for suspicious activity. I bet they uploaded the SanDisk utility detected as malware
    • Microsoft 365 will soon disable outdated authentication protocols for file access by Usama Jawad On a fairly regular basis, Microsoft disables outdated protocols that are used to access its services. In the past few years, the company has deprecated Basic Auth in Exchange Online and cut access to Outlook for third-party apps relying on this protocol. Now, it has decided to get rid of old authentication protocols for file access across Microsoft 365 services. As reported by Bleeping Computer, Microsoft has posted a message on its Microsoft 365 Admin Center. Starting from mid-July 2025, the company will begin disabling legacy authentication protocols used to access files across Microsoft 365 and Office apps, SharePoint, and OneDrive. Essentially, applications or services which use the Relying Party Suite (RPS) or FrontPage Remote Procedure Call (FPRPC) will to perform browser-based authentication to perform open operations on Office files will no longer be able to do so. As expected, this is primarily being done to improve the cybersecurity posture of various services. Microsoft states that RPS can be brute-forced and phished with relative ease as it is fairly outdated. Similarly, FPRPC is typically used for remote web page authoring and it is susceptible to exploitation through various vulnerabilities too. As such, both of these protocols will be disabled by default starting from mid-July 2025, with the rollout of this change targeting completion by August 2025. The Redmond tech giant will update the protocol baseline by default without mandating any licensing changes for customers. In addition, once these modifications are rolled out, Microsoft 365 will require admin consent to get third-party access to files and sites. IT admins can view the guidance available here to configure admin consent workflows. Microsoft says that these changes align with the principles of its Secure Future Initiative (SFI). Earlier today, it announced the rollout of improved security defaults for Windows 365 citing the same reasons too.
    • It does and it can... I took an i3 board and upgraded it to my FX8350... no issues, just put in new drivers over the top that Windows didn't. Not the issue for me, (though I eventually did do a new install from 23H2 to 24H2)... I was on 22H2 at the time. The issue is activation. You may get hit with having to activate again.
  • Recent Achievements

    • First Post
      Fuzz_c earned a badge
      First Post
    • First Post
      TIGOSS earned a badge
      First Post
    • Week One Done
      slackerzz earned a badge
      Week One Done
    • Week One Done
      vivetool earned a badge
      Week One Done
    • Reacting Well
      pnajbar earned a badge
      Reacting Well
  • Popular Contributors

    1. 1
      +primortal
      707
    2. 2
      ATLien_0
      283
    3. 3
      Michael Scrip
      218
    4. 4
      +FloatingFatMan
      197
    5. 5
      Steven P.
      130
  • Tell a friend

    Love Neowin? Tell a friend!