Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

User Getting Logged out in IE when closing browser

I am running a Drupal 7 site and am noticing a problem on IE9, when the browser window is closed the user is logged out. We have "remember me" module enabled and the cookie is set to not expire. There is no issue on Chrome or any other browser, you can close browser and when you open it the user is still logged in. I do not not see this problem on any other D7 website I run using this same browser and computer. The host is Blackmesh.

settings.php has $cookie_domain = '.mydomain.com'; I am thinking of changing this to $cookie_domain = 'www.mydomain.com'; as the site always redirects to www this makes sense to me and is what me and my sys admin friend agree on.

One potential solution I am thinking about is setting cookie domain in settings.php $cookie_domain = 'www.mydomain.com';

I am noticing there are some cookies on the site being served from www.my domain and some from .mydomain

I found some threads that seem to have vaguely similar problems.

http://forums.modx.com/thread/76947/ie-login-issue-with-www-vs-non-www-address

https://www.drupal.org/node/280623

like image 519
Alex Borsody Avatar asked Jun 07 '15 23:06

Alex Borsody


1 Answers

There shouldn't be any issue with the cookie domain being .mydomain.com instead of www.mydomain.com because cookies set on the root domain should work properly on any "subdomain" such as www, though it wouldn't hurt to try because it's simple to change.

Depending on the cookie privacy settings in IE, it might be that the cookie is not getting saved for this site if a proper P3P header isn't being sent. For testing I'm pretty sure you could use p3p: CP="CAO PSA OUR" (so in .htaccess put Header set P3P 'CP="CAO PSA OUR"'. I don't know what the correct P3P would be for your case if this is in fact the issue, but this was one that I've seen work for a different "only IE is blocking cookies" issue. You might need to research it a little if this doesn't work.

If this is the issue, then for using it in production make sure it truthfully represents your privacy policy (check out http://www.techrepublic.com/blog/software-engineer/craft-a-p3p-policy-to-make-ie-behave/).

A hint that cookies are being blocked is if you see a privacy eye icon in the status bar (if I recall correctly I think it looks like http://divabradford.org.uk/media/36647/ie_privacy.jpg).

like image 133
Jaffer Wilson Avatar answered Nov 05 '22 06:11

Jaffer Wilson