Facebook Iframe App with multiple pages in Safari Session Variables not persisting

Question

I have a facebook Iframe application with multiple PHP pages in it.

I have some links that point relatively to the files inside my \"iframe folder\".

Having

Answer 1

With the release of Safari 7, not only 3rd Party cookie is being blocked. Local Storage as well as WebDB, any kind of website data are being blocked. When you go to Safari Preferences (CMD+comma), Under privacy tab, on Safari 7, it now says : "Block cookies and other website", originally was "Block cookies". That confirms the changes.

Other browsers might follow through in the future. Most probably Firefox. Chrome, cough *cough* probably not.

You probably have to employ some workaround using redirection technique or popup similar to what disqus did.

Answer 2

I wrote the blog post Dominic refers to in his answer.

The problem is that the default behavior of Safari is to only accept cookies from sites that you visit. This excludes "third party" cookies. Safari treats the page inside an IFRAME as a third-party site, and until you interact with that content (by clicking a link, for example), it will refuse those cookies.

Your PHP code needs to set a cookie on the first page that uses the session in order for that session to persist from one page to another, but if the session variables are in the very first page in the IFRAME, you have a chicken-and-egg problem.

My solution is to retain all of the special Facebook parameters through to the second page loaded into the IFRAME. Because you've interacted with it, cookies set on the second page will persist, and this allows your PHP code to keep whatever state it needs to communicate back to Facebook.

This won't likely help your PHP session, though, so I suggest adding another parameter to links on the first page that allows the second page to look the session up, or otherwise recreate it.