Cookie on alias domain?

[Ivan Schuetz]

I hope I can explain well - not an expert in this.

I created an app in Heroku, the url is myappname.herokuapp.com

I set up a custom domain name for this app: myappname.net

Now when I login in myappname.herokuapp.com everything works well, the login, the static pages, and some post requests (using a json api) which require an authenticated user.

But when I use myappname.net these post requests don't work. It's because the auth cookie is not being sent. It's being sent in the requests for static files (there login works properly - I'm displaying a user pic etc and it's fine), I think because in the json requests the host header is "www.myappname.net". But in the json api calls the host is "myappname.herokuapp.com" and since this is not the domain of the cookie is not being set (or something like that).

So... I found this setting in securesocial.conf

cookie {

...

#domain=some_domain

}

and changed the value to:

.myappname.herokuapp.com

And now the login also doesn't work in the static pages (cookie is not being sent), and still doesn't work in the json requests.

How do I fix this? Maybe it's just the syntax of the domain? Each deploy takes very long and I wouldn't know how to try this locally, so I thought better I ask here first.

[Ivan Schuetz]

Solved it - it just had a stupid mistake - the ajax calls were still being made for myappname.herokuapp.com instead of www.myappname.net. That's why the cookie domain didn't work.