Friday, 7 June 2013

Cross-domain or 3rd party cookies through an iFrame in Safari 6

In Safari 6 setting a 3rd party cookie has become even more difficult. Previously problems like this could be overcome with P3P headers and the like (and here's a previous post of mine where it caught me out again with IE), and for Safari 5 and earlier there were other techniques.

Well now the user needs to have interacted directly with the domain for a cookie to be set, and there are several ways of acheiving this described in this SO post, which also has the following notable comment from one user:

"it is becoming pretty obvious that 3rd party cookies are now the devil, even when used in appropriate ways"

This is particularly pertinent for Facebook app developers when we need to display a once-only welcome message and remember that is has been presented, or for those who choose an obstructive opt-in cookie message (rather than implied consent) and need to remember that this has been accepted. 

No comments:

Post a Comment

Comments are moderated, so you'll have to wait a little bit before they appear!