IE blocking iFrame Cookies

Facebook recently moving their applications inside an iFrame has turned web development on its head once again. After being deprecated in XHTML and barely hanging on in HTML iFrames looked like they had all but become extinct. Not so!

So, although other browsers do not block and intercept your cookie within an iFrame (and hence Facebook application) Internet Explorer will do. The problem lies with the W3C standard called Platform for Privacy Preferences (P3P) and you can read about it here if you wish.

In PHP all you will need to ensure Internet Explorer accepts third party cookies is to send the below header:

header('P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"');

Note: by using such a P3P statement you are making a legal statement about how your application handles cookies and if you are later found in violation of the statement you make, you may find yourself in criminal or civil hot water.

Leave a Reply

Your email address will not be published. Required fields are marked *