Cookie blocked in Iframe for Internet ExplorerSat 27 June 2015 by Godson
When working with chat application recently which uses user sessions, IE is not saving the cookies. This happens when your webpage gets embedded into an iFrame.
Lets say we have two websites example.com and anotherexample.com. Now, in anotherexample.com I have an iFrame SRC="http://example.com/someform.asp". If I open that someform.asp in a seperate window everything works fine, but when I open that form in iframe in this anotherexample.com site, cookies are not saving for example.com. The root cause of this wierd issue is because p3p policy.
P3P headers are now dead and a solution to bypass IE security is to inject p3p header. Refer below code on how to inject p3p header in python
from django.shortcuts import render_to_response from django.template import RequestContext def foo(): #some code here r = render_to_response(template_name, locals(), context_instance=RequestContext(request)) r['P3P'] = 'CP="Including P3P policy header"' return r
The above code is just an example on bypassing IE security i.e. to make IE save cookies for webpage inside an IFRAME we have to include this so called P3P policy header.