iFrames and Cookies

Question

I have a site on A.com and an iframe on B.com which reads info from A.com. I realize that there is some problems with third party cookies, iframes and P3P - particularly in Safari [my problem]

Is it possible to instead, use AJAX or a hidden iFrame to pass the cookie information from A.com to B.com which will then "recreate" another cookie with the same information on the iframe in B.com.

I am trying to do this for authenication - i.e. a user is logged in on A.com and then goes to b.com and the iframe is also logged in ?

I was hoping to perhaps pass the data in a hidden iframe and "recreate" the cookie in the iframe on B.com using JavaScript? Is this possible ? Security issues ? What about HTTPS?

score 0 · Accepted Answer · answered Jun 01 '10 at 08:18

0

I'm afraid you're out of luck. In Safari and IE8, it's impossible to set a cookie in a domain which is not the primary document's domain.

So, in other words, you can only set cookies for a domain which is visible in the address bar. There are no tricks to get around this problem.

answered Jun 01 '10 at 08:18

Philippe Leybaert

168,566
31
210
223

ah really so you cant even "create" the cookie at all ? – Tom Jun 01 '10 at 08:33
i.e. its not passing the "cookie itself" - rather passing the cookie data, then using createCookie() to recreate the cookie ? or still wont be allowed ? – Tom Jun 01 '10 at 09:00
No, the frame for B.com is not allowed to set/create ANY cookies. – Philippe Leybaert Jun 01 '10 at 09:02
ok thanks :( well there goes that idea. ill try to use P3P only then and some kind of work around – Tom Jun 01 '10 at 09:15

iFrames and Cookies

1 Answers1

Linked