October 30th, 2013, 05:19 AM
Safari, Cookies, CORS and Frustration
I have a site I am developing for a client. One page of this site shows an iframe to a survey (we control the survey and have our own survey hosting offering). So I have complete control over both sites.
The survey (the iframed page) uses sessions, set in cookies
Safari does not let iframed pages set cookies unless you have previously visited the domain in a non-framed page in your current browsing session.
Until I found a workaround, I set both sites to serve the following header:
This appeared to work, but perhaps my testing wasn't though enough as it now certainly does not work.
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
I can see the requests being made in the safari console and the headers set....but the cookie does not persist so the app is broken when iframed.
More research today shows me that this work around was from an old thread that the work around has now ceased to work.
Does anyone here have any other ideas on how to get this working.
Worse case scenario: I sniff out the user agent and just present a link to the survey to safari users (maybe open in a new window to)
October 30th, 2013, 09:14 AM
He who knows not that he knows not is a fool, ignore him. He who knows that he knows not is ignorant, teach him. He who knows not that he knows is asleep, awaken him. He who knows that he knows is a leader, follow him.
October 30th, 2013, 09:25 AM
I like your logic....if I can get it all done with http headers then it should be nice and quick
Originally Posted by Triple_Nothing