Cookie blocked/not saved in IFRAME in Internet Explorer

死守一世寂寞 2020-11-22 00:53

I have two websites, let's say they're example.com and anotherexample.net. On anotherexample.net/page.html, I have an IFRAME S

22 answers
  •  抹茶落季
    2020-11-22 01:18

    This finally worked for me (after a lot of hassle and generating some policies using IBM's policy generator). You can download the policy generator here: http://www.softpedia.com/get/Security/Security-Related/P3P-Policy-Editor.shtml

    I was not able to download the generator from the official IBM website any more.

    I created these files in the root folder of my Web-App

    /index.php
    /w3c/policy.html (Human readable format)
    /w3c/p3p.xml
    /w3c/policy.p3p
    
    1. Index.php: Just send an additional header:
    header('P3P: policyref="/w3c/p3p.xml", CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM"');
    
    1. Content of p3p.xml

    /

    1. Content of my policy.html file

    Privacy Statement for YOUR COMPANY NAME

    Privacy Policy

    About Us

    This is a privacy policy for YOUR COMPANY NAME. Our homepage on the Web is located at YOURWEBSITE. The full text of our privacy policy is available on the Web at ABSOLUTE URL OF THIS FILE. This policy does not tell users where they can go to exercise their opt-in or opt-out options.

    We invite you to contact us if you have questions about this policy. You may contact us by mail at the following address:

    FIRSTNAME LASTNAME
    YOUR ADDRESS HERE
    

    You may contact us by e-mail at info@YOURMAIL.eu. You may call us at TELEPHONENUMBER.

    Dispute Resolution and Privacy Seals

    We have the following privacy seals and/or dispute resolution mechanisms. If you think we have not followed our privacy policy in some way, they can help you resolve your concern.

    • Dispute: Contact us for further information

    Additional Information

    This policy is valid for 1 day from the time that it is loaded by a client.

    Data Collection

    P3P policies declare the data they collect in groups (also referred to as "statements"). This policy contains 1 data group.


    Group "App control data"

    We collect the following information:

    • HTTP cookies

    This data will be used for the following purposes:

    • Completion and support of the current activity.
    • Web site and system administration.
    • Research and development.
    • Historical preservation.
    • Other purposes

      Control Flow of the application

    This data will be used by ourselves and our agents.

    The data in this group has been marked as non-identifiable. This means that there is no reasonable way for the site to identify the individual person this data was collected from.

    The following explanation is provided for why this data is collected:

    This cookie data is only used to control the application within an iframe (e.g. a Facebook App)

    Cookies

    Cookies are a technology which can be used to provide you with tailored information from a Web site. A cookie is an element of data that a Web site can send to your browser, which may then store it on your system. You can set your browser to notify you when you receive a cookie, giving you the chance to decide whether to accept it.

    Our site makes use of cookies. Cookies are used for the following purposes:

    • Site administration
    • Completing the user's current activity
    • Research and development
    • Other (Control Flow of the application)

    Compact Policy Summary

    The compact policy which corresponds to this policy is:

        CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV"
    

    The following table explains the meaning of each field in the compact policy.

    Field   Meaning
    CP=     This is the compact policy header; it indicates that what follows is a P3P compact policy.
    ALL     Access to all collected information is available.
    DSP     The policy contains at least one dispute-resolution mechanism.
    NID     The information collected is not personally identifiable.
    CURa    The data is used for completion of the current activity.
    ADMa    The data is used for site administration.
    DEVa    The data is used for research and development.
    HISa    The data is used for historical archival purposes.
    OTPa    The data is used for other purposes.
    OUR     The data is given to ourselves and our agents.
    NOR     The data is not kept beyond the current transaction.
    NAV     Navigation and clickstream data is collected.

    The compact policy is sent by the Web server along with the cookies it describes. For more information, see the P3P deployment guide at http://www.w3.org/TR/p3pdeployment.


    Policy Evaluation

    Microsoft Internet Explorer 6 will evaluate this policy's compact policy whenever it is used with a cookie. The actions IE will take depend on what privacy level the user has selected in their browser (Low, Medium, Medium High, or High; the default is Medium). In addition, IE will examine whether the cookie's policy is considered satisfactory or unsatisfactory, whether the cookie is a session cookie or a persistent cookie, and whether the cookie is used in a first-party or third-party context. This section will attempt to evaluate this policy's compact policy against Microsoft's stated behavior for IE6.

    Note: this evaluation is currently experimental and should not be considered a substitute for testing with a real Web browser.

    Satisfactory policy: this compact policy is considered satisfactory according to the rules defined by Internet Explorer 6. IE6 will accept cookies accompanied by this policy under the High, Medium High, Medium, Low, and Accept All Cookies settings.

    1. Content of policy.p3p

    COMPANY NAME
    info@YOURMAIL.eu
    YOURWEBSITE
    YOURPHONENUMBER
    FIRSTNAME LASTNAME
    STREET
    CITY
    STAGE
    POSTALCODE
    Germany

    Contact us for further information

    This cookie data is only used to control the application within an iframe (e.g. a Facebook App)

    Control Flow of the application

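An added example, not part of the answer above: a Python check that the compact policy sent in the P3P response header matches the one printed in the human-readable policy, run on the two strings quoted in the answer. The function names are made up for this illustration; the token meanings are the ones from the answer's table.

```python
import re

# Token meanings copied from the table in the answer's policy.html.
CP_MEANINGS = {
    "ALL": "Access to all collected information is available.",
    "DSP": "The policy contains at least one dispute-resolution mechanism.",
    "NID": "The information collected is not personally identifiable.",
    "CURa": "The data is used for completion of the current activity.",
    "ADMa": "The data is used for site administration.",
    "DEVa": "The data is used for research and development.",
    "HISa": "The data is used for historical archival purposes.",
    "OTPa": "The data is used for other purposes.",
    "OUR": "The data is given to ourselves and our agents.",
    "NOR": "The data is not kept beyond the current transaction.",
    "NAV": "Navigation and clickstream data is collected.",
}

def parse_p3p_header(value):
    """Split a P3P header value into (policyref, [compact-policy tokens])."""
    fields = dict(re.findall(r'(\w+)\s*=\s*"([^"]*)"', value))
    return fields.get("policyref"), fields.get("CP", "").split()

def compare_compact_policies(header_value, published_cp):
    """Report where the header actually sent and the published policy disagree."""
    policyref, sent = parse_p3p_header(header_value)
    _, published = parse_p3p_header(published_cp)
    return {
        "policyref": policyref,
        "only_in_header": sorted(set(sent) - set(published)),
        "only_in_policy": sorted(set(published) - set(sent)),
        # Tokens the human-readable policy never explains to the reader.
        "undocumented": [t for t in sent if t not in CP_MEANINGS],
    }

# Both strings are quoted from the answer: the header sent by index.php
# and the compact policy printed in policy.html.
SENT_HEADER = ('P3P: policyref="/w3c/p3p.xml", '
               'CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM"')
PUBLISHED_CP = 'CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV"'

if __name__ == "__main__":
    for key, value in compare_compact_policies(SENT_HEADER, PUBLISHED_CP).items():
        print(f"{key}: {value}")
```

On the answer's own values the check reports one token, DEM, that the header sends but the published compact policy summary and its table do not list.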