When people access my app on www.example.com and log in, they get a cookie.

Question

0

Asked: May 11, 20262026-05-11T07:48:07+00:00 2026-05-11T07:48:07+00:00

When people access my app on www.example.com and log in, they get a cookie.

0

When people access my app on http://www.example.com and log in, they get a cookie. I’m using the cookie option to store session on Rails. Accessing example.com (without the www), they must log in again, because Firefox does not recognize the previous session.

So, what do you think is the best way to avoid this?

I guess I will use a small .htaccess rule (Apache + Passenger) like this:

RewriteEngine on RewriteCond %{HTTP_HOST} ^example\.com RewriteRule ^(.*)$ http://www.example.com/$1 [R=permanent,L]

Do you guys think that is a good solution?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

score 0 · Answer 1 · 2026-05-11T07:48:07+00:00

What I would do is:

Set up separate virtual hosts for domain.com and http://www.domain.com
Never publish links to domain.com, only to http://www.domain.com
When a user agent requests http://domain.com/, redirect with a 301 response to http://www.domain.com/
Only issue cookies from http://www.domain.com
Don’t try to make the whole site available from domain.com, just the main page (which is redirected)

You don’t need to involve rails in this solution at all.

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

When people access my app on www.example.com and log in, they get a cookie.

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply