Geek Answers Handbook

Internet Explorer 8 does not pass session cookie for ajax request

I have a simple php application, it works in all browsers except IE8 beta 2, the problem occurs when I try to update a table field using an Ajax call (jQuery post method). Using the IE8 debugger, I find out that IE8 does not send a session cookie, so php scripts redirect to the login page instead of performing the requested action.

What can I do to make this work.

Edit: I do not mention that I used Code Igniter, so I solved this problem by replacing the Session Igniter default session implementation with native. The default implementation of the igniter session uses a cookie to store all data.

+6
internet-explorer ajax php session
source share
5 answers

Yesterday I had a similar problem and found a solution. Hope this helps another.

Problem: Suppose there is a site www.somewebsite.com and an IFRAME inside it that downloads a php file from my server, www.myserver.com/welcome.php . The website was loading successfully, as well as my welcome page, and it showed something like "Hello Bob", so it successfully found the user and started it.

Subsequently, my JavaScript made AJAX calls to another PHP file, and the response was in an “unauthorized” state, so the SESSION data was completely absent. After refreshing the page, everything worked correctly. And this only happened in IE8!

I thought the problem was with sending session cookies to the server, but when I installed Fiddler , I found that IE8 correctly sends cookies as well as PHPSESSID, but the server could not detect the correct SESSION object. Another strange thing: the server of the 2nd server sent the following header:

P3P: CP = "IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

but the first time not. After adding this header manually in a PHP script, everything worked like a charm!

Then, when I googled that "p3p abracadabra", I found the following website:

http://adamyoung.net/IE-Blocking-iFrame-Cookies

Conclusion: Make sure you send a headline on every page that sets a cookie.

And this is not only related to the IE8 + PHP combination, the same problem occurs in the case of IE8 + ASP.NET , IE8 + JSP , etc.

+8
source share

I do not have IE8 myself, but your cookie may be blocked due to strange Internet Explorer security policies. A possible workaround would be to use P3P (which is also a method of getting cookies working inside IFRAME).

Creating the right P3P policy may work a little, but you should be able to find the information you need http://www.p3ptoolbox.org/

+5
source share

I had the same problem in IE8 RC1:

1) the user goes to the login page and an empty session cookie is set
2) The user logs in and a validated session cookie is set, and javascript opens a new window and closes the current window.
3) A new window opens and contains an empty session cookie.
4) The user is redirected to the login page

I changed step 1 so that an empty cookie was not set - I only send session cookies if it has been verified. This fixed the problem for me.

0
source share

I'm having trouble getting IE8 to use SSL certificate files (PK12) as an authorization tool. If I want to protect the directory and make the corresponding web certificate present in the browser before granting access. It works great with IE7 and all versions of Mozilla - just not IE8. This made my wife’s dictation system useless. Another thing that I noticed is that when it sets the PHPSESSID cookie, it lists the domain as .net, not mydomain.net.

0
source share

As a workaround, you can insert a SessionID as a parameter on uri.

See passing session id in php manual.

-3
source share

More articles:


All Articles