Cross domain secure cookie usage?

I have a website that came with an SSL site for HTTPS, but it's on a different server. Example being

my website:

http://example.com

my SSL site:

https://myhostingcompany.com/~myuseraccount/

So I can do transactions over HTTPS and we have user accounts and everything but it is located on a different domain. The cookie domain is set for that one.

Is there a way I can check on my actual site to see if a cookie is set for the other one? And possibly grab its data and auth a user?

I think this violates a major principle of security and can't be done for good reasons, but am I wrong? Is this possible?


You can set up a service on either site to handle RPC via HTTP POST requests. You can make it require some sort of session that can only be created by your sites. However, whatever can be accessed over that shared session on the HTTPS site will have no guarantee of confidentiality or integrity.
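
One way to restrict such an RPC endpoint to calls made by your own servers, as an added example that is not part of the original answer: the caller signs each POST body with HMAC-SHA256 and the receiver rejects stale, replayed or altered requests. It assumes a secret shared by the two servers; the function names, the JSON body and all sample values are constructed for illustration, and the check covers only the server-to-server call, not what is later sent to a browser over plain HTTP.

```python
import hashlib
import hmac
import json
import time

# Constructed sample secret; in practice a long random value held only by the two servers.
SHARED_SECRET = b"constructed-example-secret-not-for-production"
MAX_SKEW_SECONDS = 60


def sign_request(secret, body, timestamp, nonce):
    """Return the hex HMAC-SHA256 over timestamp, nonce and the exact POST body."""
    message = f"{timestamp}.{nonce}.".encode() + body
    return hmac.new(secret, message, hashlib.sha256).hexdigest()


def verify_request(secret, body, timestamp, nonce, signature, seen_nonces, now=None):
    """Accept the POST only if it is fresh, not replayed, and correctly signed."""
    now = time.time() if now is None else now
    if abs(now - timestamp) > MAX_SKEW_SECONDS:
        return False  # stale or future-dated request
    if nonce in seen_nonces:
        return False  # replay of an already accepted request
    expected = sign_request(secret, body, timestamp, nonce)
    if not hmac.compare_digest(expected, signature):
        return False  # wrong key or altered body
    seen_nonces.add(nonce)  # remember only nonces of accepted requests
    return True


def demo():
    """Run one valid call, then a replay, an altered body and a stale call."""
    seen = set()
    body = json.dumps({"method": "whoami", "session_id": "constructed-session-id"}).encode()
    ts, nonce = 1_700_000_000, "constructed-nonce-1"
    sig = sign_request(SHARED_SECRET, body, ts, nonce)
    return {
        "valid": verify_request(SHARED_SECRET, body, ts, nonce, sig, seen, now=ts + 5),
        "replay": verify_request(SHARED_SECRET, body, ts, nonce, sig, seen, now=ts + 6),
        "tampered": verify_request(SHARED_SECRET, body + b" ", ts, nonce + "x", sig, seen, now=ts + 5),
        "stale": verify_request(SHARED_SECRET, body, ts, "constructed-nonce-3", sig, seen, now=ts + 600),
    }


if __name__ == "__main__":
    print(demo())
```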
