IE10, iframe, p3p and coldfusion session/cookie issue

IE10, iframe, p3p and coldfusion session/cookie issue

Recently, I got an increased reporting of some of my customers that they cannot log in to one of my application or receive errors with sessions not being set properly. Further investigation revealed that those customers embedded parts of my application in an iframe (a common practice to embed parts of another website into another one).

While using iframe is completely valid and common practice and also has no issues with browsers like Chrome, Firefox and Safari it threw an error with any Internet Explorer browser. From the many results in the search engines and from Microsoft’s own bug tracking tool, I can see that I’m not the only one with this issue. According to Microsoft this is not a bug but a feature:

“Internet Explorer 6 and above implement advanced cookie filtering that is based on the Platform for Privacy Preferences (P3P) specification. By default, Internet Explorer 6 blocks third-party cookies that do not have a compact policy (a condensed computer-readable privacy statement) or third-party cookies that have a compact policy which specifies that personally identifiable information is used without your implicit consent.”

In short, this means that you need to deploy a P3P policy within your application as noted in their tech note.

Now, you can go on and read that article and get confused (at least I did) or you can simply accept the solution by setting the P3P header in your application. Doing so is simply done with:

[code]response.addHeader("P3P","CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"");[/code]

or with Coldfusion:

[code]<cfheader name="P3P" value="CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"">[/code]

Hope this helps.

Helpmonks All-in-one Customer Service Platform
Updating Confluence and Jira is a nightmare and keeps you hunting for solutions

First off, I really like Jira and Confluence and we have been using them successfully for all our open source applications. We also use HipChat for our IM communication and use SourceTree for managing code on Github. Just realised that Atlassian has become a company to depend on... This post…

The system is running in low-graphics mode
Linux and "The system is running in low-graphics mode" error

So, after moving from Mac to Windows to Linux, I went on a crusade to find the perfect Linux Desktop Environment. I originally installed Ubuntu 15.04 and quickly wondered off to Cinnamon, tried, Gnome 2 and 3, then XFCE and tried Tiling Managers like AwesomeWM and i3. Without starting a desktop…

Helpmonks All-in-one Customer Service Platform
Exchange, Kerio, Zimbra and Google or the Quest for the perfect Collaboration tool

One of my main goals in my everyday work flow is to keep all my informations at one central location and have access to them from everywhere. Meaning I want all my emails, contacts and calendar entries in sync, whether I use my mobile phone, my own laptop or I…

How we solved performance issues in Helpmonks
How we solved outages and performance issues in Helpmonks

At the end of March 2019 and until the middle of April 2019, we experienced outages and performance issues in Helpmonks. What follows is a report of what happened and how we solved it. Performance issues were caused because we moved our core database to a new cloud provider with…

Helpmonks All-in-one Customer Service Platform
CFML and Cannot run program "chmod": error=24, Too many open files

Migrating one of my customers the other day, bought up an ugly error when I had to create 2000 directories on one go. The error was: [code]Cannot run program "chmod": error=24, Too many open files[/code] While, "too many open files" usually means one can raise the limit of open…

Helpmonks All-in-one Customer Service Platform
Java error: The major.minor version '51.0' is too recent for this tool to understand

Run into this Java error today: The major.minor version '51.0' is too recent for this tool to understand While this message is rather useless, I figured that it had to do something with our recent switch from Java 6 to Java 7 (OpenJDK 6 to OpenJDK 7, that is). Sure…

Trusted by over 2,000 organizations with millions of emails

Helpmonks helps us answer customer emails at lighting speed
We couldn't do our job without Helpmonks!
Helpmonks, the best thing since sliced bread
Excellent option for collaborating email amongst your team
A good platform that is here to grow and help you grow
Helpmonks is a great tool that our company utilizes and depends on
Great shared inbox for the team
Fantastic email support service for any business
Easy to navigate and catalog data for specific users
Solid Helpdesk software w/ responsive customer support
A really good solution to manage customer support mailbox
Good support, useful features

One more thing...

Helpmonks gives you the ability tocollaborate as a groupin your shared mailbox, features aTeam To-Do App, powerfulCustomer Relationship Management (CRM)capabilities, a completeLive-Chat tool, a mighty Email Marketing Platform that includes sending ofemail campaignsandemail automation, collision detection, email tracking, reminders, mentions, custom fields, custom applications, customer satisfaction ratings, Single-Sign-On (SSO) & SAML authentication, Trello, Zapier, Slack, an API, and much more.

Check outthe complete feature listor sign up for afree 30-day shared inbox trial now