I maintain a Web site that is mirrored on a seperate domain in an IFRAME that points to the domain that hosts the site. So basically, the IFRAME is on a completely different server (and the site is written in ASP) and the IFRAME source on that Web page is pointing to a different URL on a different server (this site is written in PHP). I have session variables that are set when a user logs in but in Internet Explorer they are lost! Basically they are unset and do not exist. This only appears to occur in Internet Explorer. In Firefox it works fine and the session variables hold. It seems to me that Internet Explorer is doing this because of a security issue because the Webpage the IFRAME is pointing to is not the same domain where the IFRAME exists. I don't understand this though because session variables are stored server side. I'm just trying to understand this so I can explain to my client what the issue actually is. Any help would be GREATLY appreciated. Thanks!