Cookie blocked/not saved in IFRAME in Internet Explorer

Question

I have two websites, let\'s say they\'re example.com and anotherexample.net. On anotherexample.net/page.html, I have an IFRAME S

Answer 1

This is buried in the comments of other answers, but I almost missed it, so it seems like it deserves its own answer.

To review: in order for IE to accept 3rd party cookies, you need serve your files with an http header called p3p in the format:

CP="my compact p3p policy"

BUT, p3p is pretty much dead as a standard at this point and you can easily get IE to work without investing the time and legal resources in creating a real p3p policy. This is because if your compact p3p policy header is invalid, IE actually treats it as a good policy and accepts 3rd party cookies. So you can use a p3p header such as this

CP="This site does not have a p3p policy."

You can optionally include a link to a page that explains why you don't have a p3p policy, as Google and Facebook do (they point here: https://support.google.com/accounts/answer/151657 and here: https://www.facebook.com/help/327993273962160/).

Finally, it's important to note that all files served from the 3rd party site need to have the p3p header, not just the one that sets the cookie, so you may not be able to just do this in your PHP, asp.net, etc code. You are probably better off setting in up on the web server level (i.e. in IIS or Apache).