facebook auth and Ie9 p3p

Question

i cannot get the facebook serverside oauth to work on ie9. it is working fine on firefox and chrome. i believe the problem is with the IE and not trusting iframes. The standard solution to this is to slap some P3P headers into the iframe page. however ie9 still ignores my jsession cookie and the authentication process loops.

i set the p3p header in my servletfilter

res.setHeader("P3P", "CP=\"XXXXX does NOT have a P3P policy\"");

my JSF page that is the iframe has the simple oauth login url

<h:outputLink target="_top" value="http://www.facebook.com/dialog/oauth/"   class="login_btn" >
   <f:param name="client_id" value="XXXXXXXXXXX"></f:param>
   <f:param name="redirect_uri" value="https://apps.facebook.com/myapp/fbauth"></f:param>

i have spent hours tracing the flow through ie9. I cant get it to work. i have read every article and tried all type of P3P codes.

any help will make me happy.

-lp

score -1 · Answer 1 · answered Aug 16 '12 at 06:50

-1

well i fixed it.

by replacing the redirect url from

to

i am tired and dont want to explain it.

just hopes it saves someone else.

-lp

answered Aug 16 '12 at 06:50

lpic

560
1
7
20

my mistake this is not a fix. it just prevents the iframe issue all together. – lpic Aug 16 '12 at 10:08

facebook auth and Ie9 p3p

1 Answers1