This post may be a bit late, but I recently addressed this issue for a Grails application. Many years ago, the same problem arose in the Java web application that I created when Internet Explorer blocked cookies (privacy settings). In order for the Java and JavaScript web applications to record cookies on the main page or in IFRAME in Internet Explorer, a privacy policy has been sent from the web application. Microsoft still maintains a privacy policy format called the Privacy Platform (P3P) . This format does not appear to be supported in other modern browsers, but it helps to cope with IE cookie problems. Despite the problems with IE 10 P3P support, I successfully tested the following P3P settings with rigorous validation.
1) Define the required categories for your application. For my application to work correctly, the categories needed were interactive , navigation, and unique . Compact Policy codes are listed on the P3P specification site.
Category Compact -------- ------- interactive => INT navigation => NAV uniqueid => UNI
2) Determine if only compact policy will work. A compact policy header was enough for my application. If you need a policy file, check out some examples here: http://p3pbook.com/examples.html .
3) The code below is a very simplified example, but should still illustrate the steps that are taken.
HttpServletResponse response = (HttpServletResponse) res; String policySettings = policyFileExists ? "policyref='" + policyFilePath + "', " : ""; policySettings += "CP='INT NAV UNI'"; response.setHeader("P3P", policySettings);
You can follow similar steps in other technologies such as PHP and ASP.NET. Hopefully this will at least help point people in the right direction to solve the IE cookie problem.
mongermd
source share