iFrames and Cookies

views:

115

answers:

iFrames and Cookies

I have a site on A.com and an iframe on B.com which reads info from A.com. I realize that there is some problems with third party cookies, iframes and P3P - particularly in Safari [my problem]

Is it possible to instead, use AJAX or a hidden iFrame to pass the cookie information from A.com to B.com which will then "recreate" another cookie with the same information on the iframe in B.com.

I am trying to do this for authenication - i.e. a user is logged in on A.com and then goes to b.com and the iframe is also logged in ?

I was hoping to perhaps pass the data in a hidden iframe and "recreate" the cookie in the iframe on B.com using JavaScript? Is this possible ? Security issues ? What about HTTPS?

I'm afraid you're out of luck. In Safari and IE8, it's impossible to set a cookie in a domain which is not the primary document's domain.

So, in other words, you can only set cookies for a domain which is visible in the address bar. There are no tricks to get around this problem.

Philippe Leybaert 2010-06-01 08:18:09

ah really so you cant even "create" the cookie at all ?

Tom 2010-06-01 08:33:06

i.e. its not passing the "cookie itself" - rather passing the cookie data, then using createCookie() to recreate the cookie ? or still wont be allowed ?

Tom 2010-06-01 09:00:11

No, the frame for B.com is not allowed to set/create ANY cookies.

Philippe Leybaert 2010-06-01 09:02:52

ok thanks :( well there goes that idea. ill try to use P3P only then and some kind of work around

Tom 2010-06-01 09:15:44

Have you considered using a shared database for authentication?

Jan Kuboschek 2010-06-01 08:28:20

ansaurus

tags:

views:

answers:

iFrames and Cookies

related questions