Solved

IE and Ajax cookies

Posted on 2014-10-22
11
294 Views
Last Modified: 2014-11-01
I'm running into a problem with IE, not sending PHP session cookies in its AJAX calls within an iframe within the same site.

To elaborate:

I have a web application, running via https, where most of the application takes place within an iframe.

When IE users log in, the code sends a PHP session cookie.  Then, whenever I do an AJAX call within the application itself, from the iframe, the AJAX call doesn't send back the session cookie.

As I mentioned, the site is running via https, and the domain should be listed as a trusted internet zone.

I've tried having the session cookie be re-set within the iframe, and I've added a P3P privacy policy:

header('P3P: CP="NOI ADM DEV COM NAV OUR STP"');

I've seen the problem described on these StackOverflow posts:

https://stackoverflow.com/questions/15856886/ajax-on-ie10-dont-send-cookies

https://stackoverflow.com/questions/389456/cookie-blocked-not-saved-in-iframe-in-internet-explorer

Any way I can get IE to start saving and sending back the session cookies?

BTW: I don't have any issues with Chrome, Firefox, Safari, Mobile devices, etc.
0
Comment
Question by:hdcowboyaz
  • 6
  • 5
11 Comments
 
LVL 58

Expert Comment

by:Gary
ID: 40398510
This is a cookie set within the parent window and not within the iframe?
What is the url for the Parent window and what is the url for iFrame window?
IE is a bit more strict about cross domain policy (and does screw up) so if there is any difference between the two urls then it won't work.
0
 

Author Comment

by:hdcowboyaz
ID: 40403339
I've tried setting the cookie in the parent and in the iframe both.

My application changes the iframe source (via javascript) whenever
people take various actions but the iframe initially loads a script that
re-sets the session cookie to have the same as the parent window.

The iframe should match the domain of the parent window, too, because I
specify it using a relative URL.

Should I manually specify the full URL in the iframe, like
https://mydomain.com/setcookie.php ?
0
 
LVL 58

Expert Comment

by:Gary
ID: 40403347
Still didn't answer my questions...
Is the domain changing?
If you are already using ajax then why use an iframe at all, get rid of the iframe and just use ajax
0
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 

Author Comment

by:hdcowboyaz
ID: 40403437
I'm using the iframe because that's how I'm keeping the menu from
reloading on every single page load...

The domain isn't changing, or shouldn't be, it isn't coded to anywhere...
0
 
LVL 58

Expert Comment

by:Gary
ID: 40403486
menu from  reloading on every single page load
That's a very 80/90's mentality
0
 

Author Comment

by:hdcowboyaz
ID: 40403490
Are you dissing on me or trying to help me?
0
 
LVL 58

Expert Comment

by:Gary
ID: 40403502
Am I dissing you - yes a bit, but not personally

Keeping a static menu that loads pages in a frame is very 90's when the average internet speed was about 28kb's and there was a (MS inspired) reason for doing it (using frames)

These days the average internet speed is at least 1Mb (myself I am on 150Mb) - loading web pages in a frame to make the website faster achieves nothing but heartache for the owner and annoyance for the user who cannot bookmark pages for example

You are already using ajax, so you are using 90's technology with 21st technology to achieve a 90's look
0
 

Author Comment

by:hdcowboyaz
ID: 40403506
So what is the answer? Or enlighten way to do it?
0
 
LVL 58

Expert Comment

by:Gary
ID: 40404380
Just use ajax instead of the iframe
0
 

Author Comment

by:hdcowboyaz
ID: 40407126
Are you interested in a project?
0
 
LVL 58

Accepted Solution

by:
Gary earned 500 total points
ID: 40407620
Depends on the project and what's involved - I'm quite busy at the moment.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ASP server side get value 15 39
how can I add blockquote after on my wordpress site 3 17
innerHTML 7 35
Ouput in html in powershell 2 21
It’s a strangely common occurrence that when you send someone their login details for a system, they can’t get in. This article will help you understand why it happens, and what you can do about it.
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
The viewer will the learn the benefit of plain text editors and code an HTML5 based template for use in further tutorials.
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question