Skip to content

IE, iframe, P3P, Cookies, oh my

by Topper on November 18th, 2011

I was just banging my head against the wall trying to figure out why internet explorer wasn’t remembering my user’s sessions. Turns out it’s something that has bitten me in the past.

IE doesn’t allow you to set cookies when your site is in an iframe unless your site has set P3P headers. Also, ordering matters – the P3P header must be set *before* the cookie is set.

If you’re using ruby, this gem works pretty well: https://github.com/hoopla/rack-p3p

Further reading: http://stackoverflow.com/questions/389456/cookie-blocked-not-saved-in-iframe-in-internet-explorer

All the articles I read about setting headers, etags, etc were all really old. Hopefully, if you’re using rails you found this article. Just install the gem and add the line from the README to your application.rb – no monkey patching. Good luck.

From → Social Web

  • Javeed

     how can i add p3p header in asp pages : i tired below but didnot work

  • charles

    thanks for the post. this helped solve my problem with my rails app and facebook canvas

  • http://agafonkin.com/ Mourner

    THANK YOU! Spend several days killing myself against a wall with this issue :( Stupid IE.

  • Pingback: Making Cookies Work in IE | Yakov Shafranovich

  • gilbert

    ^_^,fuck ie,but when set P3P headers in my jsp pages, it doesn’t work!