CodeIgniter 2.x sessions and Internet Explorer

Question

I've been reading a lot online about CodeIgniter and its issues with sessions and Internet Explorer. A lot of it seemed to center around the name of the session not having an underscore in the name. These articles all seemed to be for CI 1.x. Is CI still having this issue? I tried removing the underscore and it didn't help. I also tried adding this code:

header ( 'P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"' );

But that didn't help either. What we are trying to do specifically is give our dealers a link they can put on their site that will open an iframe to part of our site. The iframe works fine on our site, but not on our dealers sites. Could this have to do with cross-domain issues?

Isn't this something that should have been resolved in CI by now? I would think their native sessions would not have this problem.

Answer 1

A few things:

1. CodeIgniter has no issue with sessions and IE. IE has issues with an underscore in the cookie; it has nothing to do with CI (version 1.7 or 2.x).

2. IE has security features that prevent cross-site cookies. So you need to ensure these are no kicking in and destroying the cookie before it even starts. Edit: see here for more details: http://codeigniter.com/forums/viewthread/121637/.

3. Get your dealer to test the site via Firefox. Are you sure it is actually an issue with IE, or just an issue in general?

4. Set sess_match_ip and sess_match_useragent to FALSE, as that could cause the issue you have described.

5. Make sure you have set cookie_domain, cookie_path.

6. Make sure you have set cookie_secure to FALSE (unless the <iframe> is going over https).