tags:

views:

6761

answers:

3
+8  Q: 

Accessing Domain Cookies within an iFrame on Internet Explorer

My domain (let's call it www.foo.com) creates a cookie. On another site (let's say, www.myspace.com), my domain is loaded within an iFrame.

On every browser (Firefox, Opera, Camino, Safari, etc...) except for Internet Explorer, I can access my own cookie. In IE, it doesn't give me access to the cookie from within the iFrame.

Is there a way to get around this?

Really, this makes no sense because the site trying to access the cookie is www.foo.com and the cookie is owned by www.foo.com. But for some reason, IE thinks the iFrame makes them unrelated.

+14  A: 

Internet Explorer's default privacy setting means that 3rd-party cookies (e.g. those in iframes) are treated differently to 1st party cookies. (by default, 3rd party cookies are silently rejected).

For IE6 to accept cookies in an iframe, you need to ensure your site is delivering a P3P compact header.

See http://support.microsoft.com/kb/323752/EN-US/ for more.

mopoke  2008-09-18 23:56:01
Does this work in IE7 or IE8 Beta?
Sleep Deprivation Ninja  2008-09-19 00:02:09
I believe it should do. I've not tried it myself. But it certainly solved the problem for me on IE6.
mopoke  2008-09-19 00:05:16
w00t. This worked: HttpContext.Current.Response.AddHeader ( "p3p", "CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\""); from here: http://aspnetresources.com/blog/frames_webforms_and_rejected_cookies.aspx details here: http://www.p3pwriter.com/LRN_111.asp
Sleep Deprivation Ninja  2008-09-19 16:13:20
A: 

That sounds like a privacy setting issue to me. Either increase your security settings in IE (which you won't be able to convince your users to do), or take another approach.

William Keller  2008-09-19 00:02:07
+1  A: 

In PHP: header ( "p3p:CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"");

 2009-05-12 11:01:46

related questions

Prevent Use of the Back Button (in IE)
How to stop IIS asking authentication for default website on localhost
Why do I cannot jQuery my page under Internet Explorer
How To Write a Plug-In for IE
Firefox vs. IE: innerHTML handling
Detect DOM modification in Internet Explorer
Good reasons for not letting the browser launch local applications
Printing DOM Changes
IE6 security login (debugging via VirtualPC)
What is your best tool or techniques for getting the same display on IE6/7 and Firefox?
IE 7+ Favorites
IE Securty Zone Issues
JavaScript Profiler in IE
IE6 - can't load a normal JPG
Opening Explorer shell with admin priveleges on XP (with IE7 installed)
Should we support IE6 anymore?
How do I add a pre tag inside a code tag with jQuery?
How can I get Unicode characters to display properly for the tooltip for the IMG ALT in IE7?
Weird event behavior in IE7
Firebug for IE
Debugging Javascript in Internet Explorer and Safari
IE6: To support or not to support.
Tabbed file browsing in Windows
Debugging: IE6 + SSL + AJAX + post form = 404 error
Javascript troubleshooting tools in IE