Well I am back, again responding to myself. While I agree I may not be
following the protocol that is expected by some, I believe on the
positive side that someone could possibly gain something from this
conversation so I changed my mind and decided to continue with it for
one more post. I have some information now that I can share with
others. Maybe like me they are new to java script, maybe they can learn
something from this or maybe not. I hope that anyone else reading
this can enjoy some benefit from it, even if my newbie understanding is
a warped understanding of how cookies work.
I have used cookies in the past as a way to remember what button
someone last pushed on a webpage, i.e. there are 5 buttons on a page
and clicking on one (through use of javascript) will cause the color
of the button pushed to darken and the text on the page to change to
the image associated with the last button pushed, next button the
button highlighting changes with different text, etc. The last button
pushed is saved in a cookie and the screen is refreshed, then the
cookie is read so that the screen knows what was the last button
pressed before it refreshed and the condition of the screen can be
saved and remembered during the session, or longer if a longer time is
specified when the cookie is set.
I have been using this rather elementary java code on my website for
years. I then found a need for a new domain and decided to try to save
some money by using the free URL Frame redirect feature from the
registrar where I purchased my second domain. The registrar has some
"magic method" of routing my secondary domain automatically to a
sub-directory of my primary domain. For most purposes this works
great, that is unless I try to use cookies.
You probably understand how cookies are used to resolve the
statelessness of the web or you wouldn't be reading this now. So
what is the problem you say? Apparently the "security level" that
microsoft has assigned to a cookie executing on a primary domain is
different to if that same code is running on a URL Frame'd domain. I
tested this on several systems and found this is what the problem is.
From a human engineering perspective, thinking that I could somehow
educate everyone that visits my website (secondary domain) to set their
privacy settings to a lower value would be impossible. So if one
agrees with this, I am at the mercy of MS and can say for all practical
purposes that if one expects most of their users to be using IE6 or
later and that most people visiting a site don't have a clue about
whether, how, if and why to change cookie authority, then the answer is
"one can't use cookies if the domain is a URL Frame redirect".
P.S. Firefox allows the cookie to be set regardless if the html file is
on the primary domain or URL Frame redirect domain.
P.P.S. Thanks to Pointed Ears for the information, you got me on the
right track and sorry for any misunderstanding that I may have caused
between us.