Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How do I set cookies from outside domains inside iframes in Safari?

Tags:

From the Apple developer faq

Safari ships with a conservative cookie policy which limits cookie writes to only the pages chosen ("navigated to") by the user.

By default Safari only allows cookies from sites you navigate to directly. (i.e. if you click on links with the url of that domainname).

This means that if you load a page from your own site with an iFrame with a page from another site, that the other site is not able to set cookies. (for instance, a ticketshop). As soon as you have visited the other domain directly, the other site is able to access and change its own cookies.

Without having access to code on the other site, how can i make the user-experience as inobtrusive as possible?

Is there a (javascript?) way to check if the other site's cookies are already set, and accordingly, show a direct link to the other site first, if needed?

Update:

The HTML5 feature 'window.postmessage' seems to be a nice solution.
There are some jQuery libraries that might help, and compatible with most recent browsers.
In essence, the iFrame document sends messages, with Json, thru the window element.

The very nice Postmessage-plugin, by daepark, which i got working.
and another jQuery postMessage, by Ben Alman i found, but haven't tested.

like image 855
GDmac Avatar asked Oct 05 '08 16:10

GDmac

People also ask

Does Safari support iframes?

See full reference on MDN Web Docs. 1 Safari has a bug that prevents iframes from loading if the iframe element was hidden when added to the page.

Can you set cookies for other domains?

You cannot set cookies for another domain. Allowing this would present an enormous security flaw.

How do I allow cross domain cookies in Safari?

Open the Safari browser. From the menu bar, go to Safari > Preferences. In the preferences dialog, go to the Privacy tab and disable the Prevent cross-site tracking permission.

Can you set cookie in iframe?

To set a cookie in an iframe that is in a different domain than the parent site, you can use SameSite=None . These are called third- party cookies.

1 Answers

localStorage, supported by safari and all modern browsers, permits read/write operations even on pages loaded into iframes. if you don't mind dropping support for ie6 and ie7, try using localStorage instead of cookies in your framed site. i know your question specifically says you don't have access to code on the framed site, but for those who do, localStorage definitely solves the "no cookies in a safari iframe" problem.

like image 187
colin moock Avatar answered Oct 17 '22 22:10

colin moock
Sign in to Comment

Related questions

Creating routes with an optional path prefix
Where should I download CorFlags.exe from?
The future direction of Help File formats
Configuration in a File or a Database?
Send asp.net mvc action result inside email
Is it possible to programmatically construct a Python stack frame and start execution at an arbitrary point in the code?
How do I make Windows file-locking more like UNIX file-locking?
Subversion web interface [closed]
How mature is SDL for iPhone?
Do I still need to pad images in a CSS Sprite?
Debugging JavaScript events with Firebug
Can NHibernate create tables from existing classes automatically?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!