ST Nathan
11-10-2009, 10:34 AM
Hi all,
Thanks in advance for helping a first-time poster. I've been banging my head on the wall all day...
I have a site that must be able to function and set cookies while running inside a frame. In IE, with default security settings, this is a problem, because a framed site's cookies are treated as third party. Now, I've read all the info on P3P, and I've created a compact privacy policy, served via HTTP header, an XML policy file, and an XML reference file. I have checked, and the header is being sent properly, and IE can read the policy file.
However, it is STILL blocking cookies from the site. I've created a stripped-down example here: http://www.hankshelper.com/privtest.php
Note that cookies in the framed site are being blocked by IE (6, 7, and 8).
If anyone could check out my compact policy
Header set P3P "policyref=\"/w3c/p3p.xml\", CP=\"IDC DSP COR NID DEVi OUR BUS INT\""
and/or XML policy
http://www.searchtempest.com/w3c/searchtempest.xml
and let me know wtf, I would be eternally grateful. I've stripped them down as much as possible, and I just can't see anything that IE would have a problem with. (And of course IE itself is wonderfully verbose as far as exactly WHY it's blocking cookies...) I'm happy to provide any additional information you need.
Thanks in advance for helping a first-time poster. I've been banging my head on the wall all day...
I have a site that must be able to function and set cookies while running inside a frame. In IE, with default security settings, this is a problem, because a framed site's cookies are treated as third party. Now, I've read all the info on P3P, and I've created a compact privacy policy, served via HTTP header, an XML policy file, and an XML reference file. I have checked, and the header is being sent properly, and IE can read the policy file.
However, it is STILL blocking cookies from the site. I've created a stripped-down example here: http://www.hankshelper.com/privtest.php
Note that cookies in the framed site are being blocked by IE (6, 7, and 8).
If anyone could check out my compact policy
Header set P3P "policyref=\"/w3c/p3p.xml\", CP=\"IDC DSP COR NID DEVi OUR BUS INT\""
and/or XML policy
http://www.searchtempest.com/w3c/searchtempest.xml
and let me know wtf, I would be eternally grateful. I've stripped them down as much as possible, and I just can't see anything that IE would have a problem with. (And of course IE itself is wonderfully verbose as far as exactly WHY it's blocking cookies...) I'm happy to provide any additional information you need.