[Safari] Cookies for iFrame domain not set

The Problem

Apple's Safari web browser is configured to block third-party cookies by default, unless the user has had prior interactions with the third-party domain:
http://webpolicy.org/2012/02/17/safari-trackers/


The Solution

The idea is simple, just make sure the user visits the iframe domain (in this example, B.com) at least once.

One way is to run a popup that visits B.com (and set the P3P header), then close the popup.

On the parent window:
var win = window.open('http://B.com/startsession.php', '_blank', 'height=200,width=150');
setTimeout(function() {
win.close(); // close it after 1 second :)
}, 1000);

Then in the startsession.php, just set the header will do
<?php
header('P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"');
session_start();

Done.


References:
http://webpolicy.org/2012/02/17/safari-trackers/
http://anantgarg.com/2010/02/18/cross-domain-cookies-in-safari/
http://anantgarg.com/2012/02/18/busting-the-cookies-and-privacy-myth/

Comments

Popular posts from this blog

[Azure Websites PHP] Cross Domain request results in blank response page after Preflight HTTP OPTIONS

[Magento] Create Contact Form with Dynamic Recipient