Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Safari and cookies in iframe

Safari browser blocks 3rd party cookies by default.

I have site A (main site) that loads site B (framed site) in the iframe. Site B sets some cookies ( WHEN THE USER CLICK A BUTTON ), to function properly. These cookies are called 3rd party cookies, as they are not set by site A.

So I found this solution: https://github.com/vitr/safari-cookie-in-iframe

But in my case it doesn't work because to set the cookie, the user first has to click a button.

The framed.html is infact like this:

<!DOCTYPE html>
<html>
<head>
    <title>Framed Page</title>
</head>
<body style="background-color: lightcoral;">
<h2>This is the framed site</h2>

<div border="0" class="cookie_button" id="continue_button" onclick="SetCookie('cookieAcceptanceCookie','accepted',9999);">accept</div>
</body>
</html>

Is there a solution to my problem?

like image 665
xRobot Avatar asked Jul 17 '18 10:07

xRobot


People also ask

Can you access cookies in iframe?

Only the domain which created the cookie can read its cookie. So you have to read the cookie from within the iframe and then pass it to the parent window. If you don't have access or control over the page in the iframe then there is no way to get the cookie value.

Does Safari support iframes?

See full reference on MDN Web Docs. 1 Safari has a bug that prevents iframes from loading if the iframe element was hidden when added to the page.

How do I enable iframe in Safari?

Step 1: Go to Settings icon. Step 2: Select “Safari” Page 4 Confidential 11/16/2017 iPhone and Macbooks Safari SETTINGS to LOAD IFRAMES IN MEMBERS PORTAL 3 Step 3: Ensure that the “Block Pop-ups”, “Prevent Cross-Site Tracking” and “Block all Cookies” are not selected (not green).

Why iframe is not working in Safari?

Why Safari doesn't allow to store cookie for iFrame? Answer: A: Answer: A: Try going to Safari/Preferences/Privacy and uncheck Prevent cross-site tracking.


Video Answer


1 Answers

The only workaround that worked for me is redirecting through the iframed domain once.

So, if you have abc.com and xyz.com is an iframe under abc.com, while landing to the abc.com, there needs to be an intermediate redirect through xyz.com only for the purpose of setting a blank cookie. Then Safari will allow setting a cookie from iframe for xyz.com.

I'm not sure if there's any other better workaround. However, this worked and served my purpose.

Thanks.

like image 90
Supratim Roy Avatar answered Nov 03 '22 19:11

Supratim Roy