Project:Multisite Login
Version:6.x-1.x-dev
Component:Code
Category:bug report
Priority:normal
Assigned:Unassigned
Status:active

Issue Summary

Problem:

Only the current site session cookie is created with a multisite configuration in IE (6 and 7). However, the code works fine in Firefox 3.0.10 with multiple sessions.

Environment (isolated domains, not subdomains):

example1.com
example2.com
example3.com

Centos 5.2 (Linux kernel 2.6.18-53.1.13.el5)
Apache 2.0.63
MySQL 5.0.77
PHP 5.2.5
Drupal 6.12

Synopsis:

In IE, if you login to example1.com, the session cookie is created. However, example2.com and example3.com session cookies are not created.

Comments

#1

Priority:critical» normal
Status:active» postponed (maintainer needs more info)

I cannot reproduce. I'm guessing that you have IE setup to block 3rd party cookies.

If you send me your email address I can create a user for you at my test installation for you to try.

#2

This appears to be related to the IE default policy setting which blocks third party cookies. After enabling third party cookies, I was able to create multiple sessions simultaneously. However, I could only get two sites working. Any idea why sessions are being limited?

#3

Status:postponed (maintainer needs more info)» active

May need to experiment with
header('P3P: CP="CAO PSA OUR"');
or
header('P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"');

Some other relevant URLs:
http://msdn.microsoft.com/en-us/library/ms537343.aspx#_P3P%20and%20Compa...
http://support.microsoft.com/kb/323752/EN-US/

Modern editions of FF ignore P3P (it seems like a pretty dumb protocol anyway), I wonder if IE7 ignores it too?

nobody click here