SitePoint Sponsor

User Tag List

Results 1 to 8 of 8
  1. #1
    SitePoint Enthusiast
    Join Date
    May 2003
    Location
    Los Angeles, CA
    Posts
    38
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    External domain cookies in IE

    I am using iframes to connect to a second domain of my site and set a user login cookie for that domain as well as the one of the main frame, so when they migrate b/w domains, they remain logged in. it works fine in Firefox. But IE refuses to take the cookie. I spent two hours researching IE6's P3P cookie policies to try and get it working but IE still refuses to set the cookie on Medium privacy settings. Turning Privacy all the way to none lets the cookie be set so I am conviced it is a privacy related issue.

    I read this tutorial here and got my custom compact policy created and am putting

    PHP Code:
    header('P3P: policyref="/w3c/p3p.xml" CP="ALL DSP COR CUR ADMi DEVi PSDi CONi OUR PUBi BUS ONL COM INT DEM CNT STA LOC"'); 
    after the setcookie() call, but IE still refuses to set the cookie. Please help!

  2. #2
    SitePoint Enthusiast
    Join Date
    May 2003
    Location
    Los Angeles, CA
    Posts
    38
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    what the hell is this, an auto ad? someone clean that up would you.

  3. #3
    SitePoint Zealot
    Join Date
    Jan 2005
    Posts
    104
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Have you thought about a centralized db and passing the session_id through the url?

  4. #4
    SitePoint Enthusiast
    Join Date
    May 2003
    Location
    Los Angeles, CA
    Posts
    38
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    DB is centralized. Issue is passing session Id would be a huge hassle, you'd have to append it to every link. Plus if the user just types in the second domain there'd be no Id. I think I have figured out a way, however, to use PHP's header() command to go to the other domain in quesiton, set the cookie, then header() itself back to the originating URL to make it seamless to the user.

  5. #5
    SitePoint Zealot
    Join Date
    Jan 2005
    Posts
    104
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Can't you set the cookie on the second site by calling a script instead of having the user sent there?

  6. #6
    SitePoint Enthusiast
    Join Date
    May 2003
    Location
    Los Angeles, CA
    Posts
    38
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    calling a script? how so? That's what I was trying to do in the iframe method.

    I just realized my redirect method doesnt work because it would discard POST data and make it impossible to login coincident with other form data.

  7. #7
    SitePoint Zealot
    Join Date
    Jan 2005
    Posts
    104
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    <script language="javascript" src="http://www.site2.com/set_cookie.php?query_sting=session_id."> </script>

    That should make the script on the second site execute. Just pass the required info to be set in the cookie using the query string.

  8. #8
    SitePoint Enthusiast
    Join Date
    May 2003
    Location
    Los Angeles, CA
    Posts
    38
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    yep, as i expected, same problem as iframe method. IE will not allow the cookie unless privacy all the way to NONE. I even have the P3P compact policy in the header and all that jazz and IE still won't let it set the cookie from the other domain. Works in FF.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •