Some users of DIM are reporting that they cannot use our app. Looking into it, I saw that our access to Bungie's cookies was limited to *//www.bungie.net. Now, the users reporting that they cannot log into Bungie have cookies set to ".bungie.net" but everyone else has cookies set to "www.bungie.net".
Why is there variation on the domain that the cookies are set to?
The important ones are:
bungled
bungledid
bungleme
bungleloc
These are the ones I see most often set to the ".bungie.net" domain intead of the "www.bungie.net" domain.
Thanks,
-
Bungie.net does not specify the domain of the cookie when it adds Set-Cookie headers. Instead, the browser should infer the domain from the URL it used when it sent the request. Are you seeing this issue on a particular browser?