Getting setting cookies on different domains, with javascript or other


You could inject a script element into HEAD of the document with a callback that passes the cookie you need to whatever function needs it.

Something like:

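 <script type="text/javascript">
   // Callback that receives the cookie; it must be defined before the script below loads.
   function passCookie(cookie) {
     // cookie is the object generated by first.com: {name: ..., value: ...}
     window.firstComCookie = cookie; // placeholder: hand it to whatever function needs it
   }
   // Inject a script element whose body is generated by first.com.
   var newfile=document.createElement('script');
   newfile.setAttribute("type","text/javascript");
   newfile.setAttribute("src", 'http://first.com/doAjax?getCookie&callback=passCookie');
   document.getElementsByTagName("head")[0].appendChild(newfile);
 </script>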

And the page first.com/doAjax?getCookie could do this:

     passCookie({'name':'mycookie', 'value':'myvalue'});
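
As a comment on this answer points out, an endpoint that answers any caller lets anyone read first.com cookies. The following is an added example, not part of the original answer or comments, of how first.com could build the `passCookie(...)` reply while restricting which page may ask, which cookie may leave, and what the callback may contain. The `getCookie=<name>` parameter form, the allowlists and all function names are assumptions.

```javascript
// Added example, not from the original answer. Names and allowlists are assumptions.
const ALLOWED_SITES = new Set(['https://second.com']); // origins allowed to read
const EXPOSED_COOKIES = new Set(['mycookie']);         // cookies that may leave first.com
const CALLBACK_RE = /^[A-Za-z_$][A-Za-z0-9_$]{0,63}$/; // a bare identifier, nothing else

// Parse a Cookie request header into a prototype-free map of name -> raw value.
function parseCookies(header) {
  const jar = Object.create(null);
  for (const part of (header || '').split(';')) {
    const eq = part.indexOf('=');
    if (eq > 0) jar[part.slice(0, eq).trim()] = part.slice(eq + 1).trim();
  }
  return jar;
}

// Origin of the embedding page taken from Referer; null if absent or malformed.
function refererOrigin(referer) {
  try { return new URL(referer).origin; } catch (e) { return null; }
}

// Serialize for a script context: no "<", ">", U+2028 or U+2029 in the output.
function toScriptSafeJson(value) {
  return JSON.stringify(value).replace(/[<>\u2028\u2029]/g,
    (c) => '\\u' + c.charCodeAt(0).toString(16).padStart(4, '0'));
}

// Build the reply for GET /doAjax?getCookie=<name>&callback=<fn>.
function buildJsonpResponse({ query, cookieHeader, referer }) {
  const deny = (status, msg) => ({ status, headers: { 'Content-Type': 'text/plain' }, body: msg });
  const params = new URLSearchParams(query);
  const callback = params.get('callback') || '';
  const name = params.get('getCookie') || '';

  if (!CALLBACK_RE.test(callback)) return deny(400, 'bad callback');
  if (!ALLOWED_SITES.has(refererOrigin(referer))) return deny(403, 'site not allowed');
  if (!EXPOSED_COOKIES.has(name)) return deny(403, 'cookie not exposed');

  const jar = parseCookies(cookieHeader);
  const value = name in jar ? jar[name] : null;
  return {
    status: 200,
    headers: { 'Content-Type': 'application/javascript; charset=utf-8',
               'X-Content-Type-Options': 'nosniff', 'Cache-Control': 'no-store' },
    body: callback + '(' + toScriptSafeJson({ name, value }) + ');',
  };
}
```

The Referer check fails closed, so pages whose referrer policy strips the header are denied; it limits which sites can embed the script and is not a substitute for authenticating the user.
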

Luca Matteis
Author by

Luca Matteis

http://scholar.google.com/citations?user=4shOPsgAAAAJ&hl=en

Updated on July 09, 2022

Comments

  • Luca Matteis
    Luca Matteis almost 2 years

    Haven't been able to find anything particular to this situation online so here I go... I need to set/get the cookies stored at "first.com" while browsing "second.com". I have full access to "first.com" but I only have JavaScript access (can manipulate the DOM as I want) on "second.com".

    My first approach was to create an iframe on second.com (with js) that loaded a page like "first.com/doAjax?setCookie=xxx" and that did an ajax call to say "first.com/setCookie?cookieData=xxx" which would set the cookie on "first.com" with the data we passed around.

    That pretty much worked fine for setting the cookie on first.com from second.com - for getting a cookie I basically followed the same procedure, created the iframe that loaded "first.com/doAjax?getCookie" and that would do an ajax call to say "first.com/getCookie" which would read the cookie info on first.com and return it as a JSON object.

    The problem is that I'm unable to bring that JSON cookie object back to "second.com" so I can read it. Well, maybe I could just bring it when the Ajax call is complete using "window.top", but there are timing issues because it's not relative to when the iframe has been loaded. I hope I am clear and was wondering if there's an easier solution rather than this crazy iframe->ajax crap; it also seems like this won't even work for getting cookies in Safari.

    • Ryan Doherty
      Ryan Doherty over 15 years
      Just a note that this is really insecure as anyone could set and get cookies for first.com
    • Pacerier
      Pacerier about 12 years
      @Luca And if the user had third-party cookies disabled, you won't even be able to set the cookie in the iframe in the first place.
  • Luca Matteis
    Luca Matteis over 15 years
    I can't use the script tag to read cookies from a different domain, right? I need to actually be on first.com to actually read its cookies, I can't just add a script tag to second.com to get the cookieData... therefore I need to use an iframe, or I don't know... Maybe I didn't understand your answer, let me know.
  • Ryan Doherty
    Ryan Doherty over 15 years
    You aren't technically using a script tag to read the cookie values, the script is included into your page, therefore it is in the same scope and can call any function on second.com
  • Luca Matteis
    Luca Matteis over 15 years
    Okay, but the script tag evaluates itself on second.com, therefore reading the cookies from second.com, not first.com
  • Ryan Doherty
    Ryan Doherty over 15 years
    Yes, it is evaluated, but the contents of the script are generated on first.com, therefore it can pass the cookie values to second.com
  • Luca Matteis
    Luca Matteis over 15 years
    What, really? Does that work for setting cookies as well? Is it cross-browser?
  • Luca Matteis
    Luca Matteis over 15 years
    Now I know the result of the script tag gets evaluated in the global scope, but what if I'm returning plain JSON like {"one":"hi"}, how am I supposed to call that if it's in the global scope... I guess I could name the object like var myData = {"one":"hi"}, but maybe there's a better solution.
  • Luca Matteis
    Luca Matteis over 15 years
    Apparently this method only works in Firefox, I tested it in Safari and IE6, both didn't seem to be able to set/get cookies...
  • Luca Matteis
    Luca Matteis over 15 years
    Like I said above, this by the way only works in Firefox... any ideas?
  • Ryan Doherty
    Ryan Doherty over 15 years
    I have no idea what's going on, you'll need to do more debugging.
  • Luca Matteis
    Luca Matteis over 15 years
    I'm able to GET cookies fine with the method provided by Ryan Doherty, it seems like it SETs cookies as well on most of the browsers except Safari.
  • Volomike
    Volomike over 11 years
    This didn't work for me. I received the response in Chrome: XMLHttpRequest cannot load second.com/test.php. Origin first.com is not allowed by Access-Control-Allow-Origin.
  • Stephan
    Stephan over 9 years
    @LucaMatteis ... as long as CORS (dev.w3.org/2006/waf/access-control) is not enabled.
  • germs12
    germs12 over 9 years
    That's a CORS issue. Unrelated to the cookie issue.