cookies domains over more than 1 protocol

Hello Community,
How does one simply implement a cookie-less domain solution when using more than 1 protocol (http/https)?

For example:

cookie-less domain used: http://www.abc.com
http URL: http://www.xyz.com
https URL: https://www.xyz.com

In the HTTP state, the cookie-less domain will not prompt any mix content messages but it will most likely will prompt when in an HTTPS state (i.e. IE browsers).

Any thoughts?

Thanks.

TRX

  1. Make sure the cookieless domain can support both HTTP and HTTPS

  2. Reference the resources on it using a schemaless URL e.g. //www.abc.com i.e. URLs that don’t start with http: or https:

I like #2. I’ve never tried it before. I’ll give it a try and let you know how it goes. Thanks!

Only thing to watch out for with schema-less urls is CSS files and older versions of IE (doesn’t break anything so probably worth ignoring at this point). Paul Irish has a good post on it here: The protocol-relative URL - Paul Irish

I think Steve or Stoan have a post about one of the older IEs (7/8?) making duplicated requests with schemaless URLs but I couldn’t find when I went looking

Yeah, that would be the IE issue I mentioned :wink: It only impacts CSS resources that are imported or linked AFAIK and it just downloads twice but doesn’t actually break the page - which seems like a fair thing to ignore for versions of IE that are very risky for users to be using at this point anyway.