Details

    • Branch Version/s:
      6.1.x, 6.0.x
    • Backported to Branch:
      Committed
    • Fix Priority:
      5

      Description

      We have 2 Liferay instances on our server.
      Both of them are reachable via their own subdomain.

      Instance 1: de.sample.com
      Instance 2: test.sample.com

      We have the problem, that Liferay cookies aren't saved with fully qualified domain name, but they are saved such as "sample.com" instead of "de.sample.com".
      We do not want cookie sharing across domains.
      Instances should be completely independent from each other.

      We've located this problem:
      In class portal-impl/src/com/liferay/portal/util/CookieKeys their is a method, called getDomain(String host), which cuts off everything before the first ".":

      public static String getDomain(String host) {

      // See LEP-4602 and LEP-4645.
      if (host == null)

      { return null; }
      // See LEP-5595.
      if (Validator.isIPAddress(host)) { return host; }
      int x = host.lastIndexOf(StringPool.PERIOD);
      if (x <= 0) { return null; }

      int y = host.lastIndexOf(StringPool.PERIOD, x - 1);

      if (y <= 0)

      { return StringPool.PERIOD + host; }

      int z = host.lastIndexOf(StringPool.PERIOD, y - 1);
      String domain = null;
      if (z <= 0)

      { domain = host.substring(y); }

      else

      { domain = host.substring(z); }

      return domain;
      }

      Is there a way to disable this "feature"?

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Days since last comment:
                  4 years, 2 weeks, 1 day ago