My domain (let’s call it http://www.example.com) creates a cookie. On another site (let’s say, http://www.myspace.com), my domain is loaded within an iFrame.
On every browser (Firefox, Opera, Camino, Safari, etc…) except for Internet Explorer, I can access my own cookie. In IE, it doesn’t give me access to the cookie from within the iFrame.
Is there a way to get around this?
Really, this makes no sense because the site trying to access the cookie is http://www.example.com and the cookie is owned by http://www.example.com. But for some reason, IE thinks the iFrame makes them unrelated.
Internet Explorer’s default privacy setting means that 3rd-party cookies (e.g. those in iframes) are treated differently to 1st party cookies. (by default, 3rd party cookies are silently rejected).
For IE6 to accept cookies in an iframe, you need to ensure your site is delivering a P3P compact header.
See http://msdn.microsoft.com/en-us/library/ms537343.aspx for more.