I had an application that requires login and sessions. When the app was loaded to a frame on a website with a different domain name, I found that cookies could not be set in IE6.
The problem is that these cookies were 3rd party cookies, meaning that they were written with a domain name different from the domain name of the main site. For IE6, the default privacy level blocks these 3rd party cookies.
To fix this problem, you can certainly ask your users to adjust their privacy setting. But a more elegant way is to fix it from your side.
I found a great solution from this post:
Add the following to the beginning of each page where cookies will be written:
ASP:
HttpContext.Current.Response.AddHeader("p3p", "CP=\""IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\""")
PHP:
header('P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"');
Hi,
Unfortunately for me it’s not working :
A page of my website, called iframe.php uses frameset.
The first frame is just a small php file fixed on the top, in order to see the banner and some information from a sql database.
The 2nd is a whole website (commercial), and when i try to order something the caddie stay empty.
If i turn the security to lower (on ie), it works. It works fine too on FF and Chrome.
So, it’s really the same problem, but writting :
header(‘P3P:CP=”IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT”‘);
just before session_start(); is not workin at all …
I also use this (necessary for us 🙂
$CR_ini_set = ini_set ( “session.gc_maxlifetime” , “3600” );
define(“_PATH_TMP”, “./../sessions”);
ini_set(‘session.save_path’, _PATH_TMP);
session_cache_expire (60);
header(‘P3P:CP=”IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT”‘);
session_start();
Any idea ?
Thanks for your answer,
Franck
In fact, where to put
header(‘P3P:CP=”IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT”‘);
???
In the page wher frameset is declared ? or in the first frame ?
I can’t change the 2nf frame (external website)