IE Blocking iFrame Cookies

Saved me from a huge headache.

Thanks Adam , It saved the Day

This is great work!

Respected,
I have a page aspx with an internal iframe that should receive pages called by menu of the type:

• E C C A F


• Quem Somos

in the load aspx-cs and it continues not working in IE.
I request help for that problem. Adim.

Thanks Adam,

I applied your solution and it worked perfectly. You really saved me

Appreciated,
Ma'en

Adam:

I would like to add to the chorus of praise. I'm sure you saved me HOURS of work, and I will take all the credit at my workplace :).

Thanks again.

D00d, seriously! I would have never EVER fingered that one out on my own! MANY MANY thanks! Buy a beer on me!

-Dan

Thanks a lot! It fixed my problem! :)

Hi,

I am setting up P3P header in the response by setting up filter on java side. But some how its not setting up the P3P header. What should i do. The filter code looks like below

public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
HttpServletResponse httpResponse = (HttpServletResponse) response;
httpResponse.setHeader("P3P",
"CP=\"ALL DSP COR CURa ADMa DEVa TAIa OUR IND UNI COM NAV INT CNT\"");
chain.doFilter(request, httpResponse);
}

Is there any other way to setup P3P header in java

Should the header function (I code php) be included on the page containing the IFrame or the page that's supposed to show inside the IFrame?

Wow,

thank you very much!!!!!!!!!!!!!

It was the solution to my problem!!

Thanks a lot man!

I've just spent several hours looking into this and getting no where. Especially when Firefox and Chrome were working correctly and it was only IE that had this trouble.

Thanks for the info Adam.

If you are using MS technology for your website and you have access to IIS you can get IIS to output the header on every page without having to touch the code.

1. From within IIS bring up the properties for the site in question.
2. Click on the HTTP Headers tab
3. Click the Add button
4. In the custom header name enter:

P3P

6. In the custom header value enter:

CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"

7. Click OK then OK and your good to go. You don't even need to restart IIS.

thanks!!! You save many hours of my live!!!

I have developed one application to check whether browser enables cookie or not, it is running perfectly for google crome and
firefox but not for IE8. In internet explorer 8 it is showing cookie is enabled though cookie is being blocked manually.
Please help.

You're a life saver. Thanks a lot!
P.S. IE sucks

Thanks a lot!

Thank u very much, you are the best (y)

Hi Adam,
I am stuck with a similar issue like this. But here I dont have any cookies set.
I have a jsp, where I use a custom tag for tabs and each tab has its own iFrame loading the contents.
In the first tab/iframe i load a flash object and on the second one it is jsp page, with a table, but the table data is populated from the session bean using another custom tag.

This works fine in mozilla, but not in IE. In IE the table header shows like it is showing data 1-1 of page 1, but the thing is it is not populated. i could see the view source with the data, but the rendering is not happening in IE.. But if i swap the tabs it would populate the data correctly, as now the jsp with table is first tab and it is the default. I tried putting your fix in my original jsp which is having the two tabs and frames defined. But it is still not helping.. Any idea what would be wrong here with rendering on ie with iframes
Thanks in advance
Sarah

THANKS A LOT for your help!
An unbelievable solution for a strange MS problem!

MK

My reaction is like all the other comments,.
Thanks for posting! It's a life saver!

Wow. You stopped IE from giving me a headache this morning. Thank you.

its very unsecure to send session-cookies in iframes.

example:
- your website allow to delete the account via an link in the members-area to http://foo.bar/cancel.php
- your customer is in log in-status on your site and "forgot" to log out.
- then your customer brows to http://bad_infected_site.com with an iframe to http://foo.bar/cancel.php
- the result: the account is deleted because the user is still logged in.

so be careful disabling this security option.

My IE just closes after I have been opening some specific websites do you happen to know about this issue?

Ruby,
cheap">http://www.van-insurance-cheap.co.uk/">cheap van insurance

Does it have to be the compact policy you illustrate here, and if so, why? What is it about this compact policy that allows it to work? I have a security policy I am using but it currently will not work.
CP="CAO DSP CURa ADMa DEVa TAIa PSAa PSDa CONo OUR DELa BUS IND PHY ONL UNI COM NAV STA LOC"

This is a really good read for me. Must agree that you are one of the coolest blogger I ever saw. Thanks for posting this useful information. This was just what I was on looking for. I’ll come back to this blog for sure! I bookmarked this blog a while ago because of the useful content and I am never being disappointed. Keep up the good work
Regards,

Thanks so much for this post. I would give you my last bud-light absolutely.
-John

This is the exact way that people expecting we can see most of the comments are true and towards the positive opinion..This is the exact way that people expecting we can see most of the comments are true and towards the positive opinion..
simulateur">http://placementargent.org/placement-financier/">simulateur de placement financier

Thank you Adam Its working really good now.

I can not stop my self saying Thanks & Thanks & Thanks!!!!!!!!!!! to youu................!

Thanka a lot..u save my lots of time..thanks again.. :D

thanks, you saved my life. i spent two weeks of work to find why my script dont work and this helps me within one minute. thank you very much

Tnks!!! Tnks!!! Tnks!!!

thanks a lot!!! :)

It seems to work also writing something else, like:
header('P3P:CP=" merry christmas "');
the important is to send the header :D
bye!

thank you very much, thanks again and again.

Thank you very much. The information is really appreciated. You made my day. :D I have been searching this for a while...