Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Accessing Domain Cookies within an iFrame on Internet Explorer

Tags:

My domain (let's call it www.example.com) creates a cookie. On another site (let's say, www.myspace.com), my domain is loaded within an iFrame.

On every browser (Firefox, Opera, Camino, Safari, etc...) except for Internet Explorer, I can access my own cookie. In IE, it doesn't give me access to the cookie from within the iFrame.

Is there a way to get around this?

Really, this makes no sense because the site trying to access the cookie is www.example.com and the cookie is owned by www.example.com. But for some reason, IE thinks the iFrame makes them unrelated.

like image 475
Sleep Deprivation Ninja Avatar asked Sep 18 '08 23:09

Sleep Deprivation Ninja

People also ask

How do I view cookies in iframe?

Only the domain which created the cookie can read its cookie. So you have to read the cookie from within the iframe and then pass it to the parent window. If you don't have access or control over the page in the iframe then there is no way to get the cookie value.

Do iframes have cookies?

Since your content is being loaded into an iframe from a remote domain, it is classed as a third-party cookie. The vast majority of third-party cookies are provided by advertisers (these are usually marked as tracking cookies by anti-malware software) and many people consider them to be an invasion of privacy.

How do I view session cookies in Internet Explorer?

Internet ExplorerClick 'Tools' (the gear icon) in the browser toolbar. Choose Internet Options. Click the Privacy tab, and then, under Settings, move the slider to the top to block all cookies or to the bottom to allow all cookies, and then click OK.

How do I view other domain cookies?

As we know that cookie set by one domain cannot be accessed by the another domain. But cookie set to main domain can be accessed by subdomains. Example: Cookie set to domain “maindomain.com” can be accessed by any sub domain of main domain, that is subdomain.maindomain.com, anysub.maindomain.com.

1 Answers

Internet Explorer's default privacy setting means that 3rd-party cookies (e.g. those in iframes) are treated differently to 1st party cookies. (by default, 3rd party cookies are silently rejected).

For IE6 to accept cookies in an iframe, you need to ensure your site is delivering a P3P compact header.

See http://msdn.microsoft.com/en-us/library/ms537343.aspx for more.

like image 129
mopoke Avatar answered Sep 22 '22 08:09

mopoke
Sign in to Comment

Related questions

Any experiences with Intel's Threading Building Blocks? [closed]
What is the purpose of zones in sharepoint? (web application zones or authentication zones or how do they call it)
MySQL Prepared statements with a variable size variable list
Is PowerShell a good upgrade for a batch file?
How to remove error messages in the coding window?
Which syntax and architecture of assembly is most useful to know?
Base versus Active versus Deployment target
Caching proxy with authenticated REST requests
Cookie based SSO
Is C++ static member variable initialization thread-safe?
DateTime precision in NHibernate and support for DateTime2 in NHibernate SchemeExport
What columns stores the slug in wordpress

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!