Hi all,
Thanks in advance for helping a first-time poster. I've been banging my head on the wall all day...
I have a site that must be able to function and set cookies while running inside a frame. In IE, with default security settings, this is a problem, because a framed site's cookies are treated as third party. Now, I've read all the info on P3P, and I've created a compact privacy policy, served via HTTP header, an XML policy file, and an XML reference file. I have checked, and the header is being sent properly, and IE can read the policy file.
However, it is STILL blocking cookies from the site. I've created a stripped-down example here: http://www.hankshelper.com/privtest.php Note that cookies in the framed site are being blocked by IE (6, 7, and 8).
If anyone could check out my compact policy
Header set P3P "policyref=\"/w3c/p3p.xml\", CP=\"IDC DSP COR NID DEVi OUR BUS INT\""
and/or XML policy http://www.searchtempest.com/w3c/searchtempest.xml
and let me know wtf, I would be eternally grateful. I've stripped them down as much as possible, and I just can't see anything that IE would have a problem with. (And of course IE itself is wonderfully verbose as far as exactly WHY it's blocking cookies...) I'm happy to provide any additional information you need.