IE and Ajax cookies

I'm running into a problem with IE, not sending PHP session cookies in its AJAX calls within an iframe within the same site.

To elaborate:

I have a web application, running via https, where most of the application takes place within an iframe.

When IE users log in, the code sends a PHP session cookie.  Then, whenever I do an AJAX call within the application itself, from the iframe, the AJAX call doesn't send back the session cookie.

As I mentioned, the site is running via https, and the domain should be listed as a trusted internet zone.

I've tried having the session cookie be re-set within the iframe, and I've added a P3P privacy policy:

header('P3P: CP="NOI ADM DEV COM NAV OUR STP"');

I've seen the problem described on these StackOverflow posts:

https://stackoverflow.com/questions/15856886/ajax-on-ie10-dont-send-cookies

https://stackoverflow.com/questions/389456/cookie-blocked-not-saved-in-iframe-in-internet-explorer

Any way I can get IE to start saving and sending back the session cookies?

BTW: I don't have any issues with Chrome, Firefox, Safari, Mobile devices, etc.
hdcowboyazAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

GaryCommented:
This is a cookie set within the parent window and not within the iframe?
What is the url for the Parent window and what is the url for iFrame window?
IE is a bit more strict about cross domain policy (and does screw up) so if there is any difference between the two urls then it won't work.
0
hdcowboyazAuthor Commented:
I've tried setting the cookie in the parent and in the iframe both.

My application changes the iframe source (via javascript) whenever
people take various actions but the iframe initially loads a script that
re-sets the session cookie to have the same as the parent window.

The iframe should match the domain of the parent window, too, because I
specify it using a relative URL.

Should I manually specify the full URL in the iframe, like
https://mydomain.com/setcookie.php ?
0
GaryCommented:
Still didn't answer my questions...
Is the domain changing?
If you are already using ajax then why use an iframe at all, get rid of the iframe and just use ajax
0
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

hdcowboyazAuthor Commented:
I'm using the iframe because that's how I'm keeping the menu from
reloading on every single page load...

The domain isn't changing, or shouldn't be, it isn't coded to anywhere...
0
GaryCommented:
menu from  reloading on every single page load
That's a very 80/90's mentality
0
hdcowboyazAuthor Commented:
Are you dissing on me or trying to help me?
0
GaryCommented:
Am I dissing you - yes a bit, but not personally

Keeping a static menu that loads pages in a frame is very 90's when the average internet speed was about 28kb's and there was a (MS inspired) reason for doing it (using frames)

These days the average internet speed is at least 1Mb (myself I am on 150Mb) - loading web pages in a frame to make the website faster achieves nothing but heartache for the owner and annoyance for the user who cannot bookmark pages for example

You are already using ajax, so you are using 90's technology with 21st technology to achieve a 90's look
0
hdcowboyazAuthor Commented:
So what is the answer? Or enlighten way to do it?
0
GaryCommented:
Just use ajax instead of the iframe
0
hdcowboyazAuthor Commented:
Are you interested in a project?
0
GaryCommented:
Depends on the project and what's involved - I'm quite busy at the moment.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Languages and Standards

From novice to tech pro — start learning today.