Advanced search


(2 Posts)
MrAnchovy Tue 18-Aug-09 08:52:39

There have been a couple of threads recently about problems staying logged in. I notice that mumsnet is now available at both and, and the session cookie is set for the domain that is requested for the login page.

This obviously causes a problem if the user logs in at and subsequently follows a link to (or uses browser auto-complete to get to) Also if the user logs in from the illegal cookie domain is used - it should be

Serving the same pages at and is not good practice anyway.

Suggested solution:

1. Always set the session cookie with the domain

2. Use a HTTP 301 redirect from to - for example and general interest using Apache mod_rewrite:

RewriteCond %{HTTP_HOST} ^$ [NC]
RewriteRule ^(.*)$$1 [L,R=301]

.. although as you are parsing the URL in Java/PHP anyway it is probably more efficient to do it there.

HelenMumsnet (MNHQ) Tue 18-Aug-09 10:36:12

Thank you Mr Anchovy - your post has made BigTech nod sagely and scuttle back to the Shed.

Join the discussion

Registering is free, easy, and means you can join in the discussion, watch threads, get discounts, win prizes and lots more.

Register now »

Already registered? Log in with: