Problem:

Only the current site session cookie is created with a multisite configuration in IE (6 and 7). However, the code works fine in Firefox 3.0.10 with multiple sessions.

Environment (isolated domains, not subdomains):

example1.com
example2.com
example3.com

Centos 5.2 (Linux kernel 2.6.18-53.1.13.el5)
Apache 2.0.63
MySQL 5.0.77
PHP 5.2.5
Drupal 6.12

Synopsis:

In IE, if you login to example1.com, the session cookie is created. However, example2.com and example3.com session cookies are not created.

Comments

dalin’s picture

dalin
he/him
Primary language English
Location 🇨🇦, 🇲🇽, 🌍
commented
Priority: Critical » Normal
Status: Active » Postponed (maintainer needs more info)

I cannot reproduce. I'm guessing that you have IE setup to block 3rd party cookies.

If you send me your email address I can create a user for you at my test installation for you to try.

uberhacker’s picture

uberhacker commented

This appears to be related to the IE default policy setting which blocks third party cookies. After enabling third party cookies, I was able to create multiple sessions simultaneously. However, I could only get two sites working. Any idea why sessions are being limited?

dalin’s picture

dalin
he/him
Primary language English
Location 🇨🇦, 🇲🇽, 🌍
commented
Status: Postponed (maintainer needs more info) » Active

May need to experiment with
header('P3P: CP="CAO PSA OUR"');
or
header('P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"');

Some other relevant URLs:
http://msdn.microsoft.com/en-us/library/ms537343.aspx#_P3P%20and%20Compa...
http://support.microsoft.com/kb/323752/EN-US/

Modern editions of FF ignore P3P (it seems like a pretty dumb protocol anyway), I wonder if IE7 ignores it too?

Routh’s picture

Routh commented
Assigned: Unassigned » Routh
Status: Active » Needs review

I have just taken over development of this module. I will be reviewing this issue and looking to patch the code to repair. I am tagging this so that all followers know I have acknowledged the problem.