Closed kabel closed 7 years ago
All of the sites do not have $cookie_domain set in settings.php, so their cookies are scoped to .example.unl.edu
I think this problem is only happening with www.unl.edu:
In function drupal_settings_initialize() in bootstrap.inc
if (strpos($cookie_domain, 'www.') === 0) {
$cookie_domain = substr($cookie_domain, 4);
}
I think I have this solved by setting the top level site's settings.php to:
$cookie_domain = '.www.unl.edu';
Session cookies should be assigned to the domain for which site they are for, not the overall
.unl.edu
parent domain. Putting them on the parent floods other servers with useless cookies and provide no value to the end-user.