Click here to Skip to main content
Click here to Skip to main content

Tagged as

Go to top

IE Blocking IFrame Cookies

, 13 Jun 2011
Rate this:
Please Sign up or sign in to vote.
IE Blocking IFrame Cookies

Microsoft...

  • A company that wishes to set development standards.
  • A company you must know how to work with.
  • A company we all hate to love.

A little story, if I may...

I work in a company that supplies sports betting solutions for online gaming web sites. About 2 months ago, we got a new client with a slightly weird request - The solution should be placed in an existing site's IFrame.

The minute I heard that request I thought to myself that the amount of problems we'll encounter will give us tremendous amount of work.  But as always - The client's always right.

Three weeks ago, we were almost ready for beta when our QA discovered some small issues regarding user preferences: Odds, Time Zone and Languages are not displayed correctly only on IE 7 and IE 8.

After wishing some bad things to happen to Bill, my next action was to open the HttpWatch tool IE has and locating where the cookies are being set. I saw that whenever the cookies are set as Session Cookie, it all works as it should, the problem then lays with cookies that have expiration date.

Since I was responsible for deploying 3 white labels (each project is called white label), this whole process took me about 2 weeks!

So, after writing some angry emails to Microsoft (but not sending them), I started looking for someone's solution to that problem. And that it was when I encountered a very small and cute article talking about P3P or as you might know it: "Platform for Privacy Preferences (P3P) Project".

In short, unless you have some identifier in the page's header - IE won't except your third-party cookie. So you need to set the P3P header in every page you wish the cookie to appear.

I took the time to write the header addition in some languages / platforms:

PHP

header('P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD 
IVAi IVDi CONi HIS OUR IND CNT"');

ASP.NET

HttpContext.Current.Response.AddHeader("p3p","CP=\"IDC 
DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"");

Django

response = render_to_response('mytemplate.html')
response["P3P"] = 'CP="IDC DSP COR ADM DEVi TAIi PSA PSD 
IVAi IVDi CONi HIS OUR IND CNT"'

JSP

response.addHeader("P3P","CP=\"IDC DSP COR ADM DEVi 
TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"")

If you want to read more about this boring technical stuff (and I know you do), you can click on Platform for Privacy Preferences (P3P) Project.

Good luck.

Elad,
Lead Developer at Sports Betting Tech

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Share

About the Author

DevAffair
Team Leader Sports Betting Tech
Israel Israel
No Biography provided
Follow on   Twitter

Comments and Discussions

 
GeneralColdFusion Pinmembermike231515-Jun-11 6:54 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Mobile
Web02 | 2.8.140926.1 | Last Updated 14 Jun 2011
Article Copyright 2011 by DevAffair
Everything else Copyright © CodeProject, 1999-2014
Terms of Service
Layout: fixed | fluid