Session cookies not created in IE
uberhacker - June 2, 2009 - 13:30
| Project: | Multisite Login |
| Version: | 6.x-1.x-dev |
| Component: | Code |
| Category: | bug report |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | active |
Jump to:
Description
Problem:
Only the current site session cookie is created with a multisite configuration in IE (6 and 7). However, the code works fine in Firefox 3.0.10 with multiple sessions.
Environment (isolated domains, not subdomains):
example1.com
example2.com
example3.com
Centos 5.2 (Linux kernel 2.6.18-53.1.13.el5)
Apache 2.0.63
MySQL 5.0.77
PHP 5.2.5
Drupal 6.12
Synopsis:
In IE, if you login to example1.com, the session cookie is created. However, example2.com and example3.com session cookies are not created.
#1
I cannot reproduce. I'm guessing that you have IE setup to block 3rd party cookies.
If you send me your email address I can create a user for you at my test installation for you to try.
#2
This appears to be related to the IE default policy setting which blocks third party cookies. After enabling third party cookies, I was able to create multiple sessions simultaneously. However, I could only get two sites working. Any idea why sessions are being limited?
#3
May need to experiment with
header('P3P: CP="CAO PSA OUR"');
or
header('P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"');
Some other relevant URLs:
http://msdn.microsoft.com/en-us/library/ms537343.aspx#_P3P%20and%20Compa...
http://support.microsoft.com/kb/323752/EN-US/
Modern editions of FF ignore P3P (it seems like a pretty dumb protocol anyway), I wonder if IE7 ignores it too?