Lets say I login into site1.com and that creates a few cookies for me on the domain. Then I go to site2.com and in the javascript of the site I make a JSONP request to site1.com. The weird thing I am noticing is that the cookies for site1.com are sent along with the request that originated on site2.com (I thought site2.com would not have access to site1.com cookies).Is this valid behavior for modern browsers (tested with chrome)?Would it be possible for site2.com to actually gain access the cookie data that seems to be automatically sent with the request to site1.com (through inspecting the request or something)?
Weird with ajax request to external domain and cookies
- Thread starter Twix
- Start date