Previous     Next

How to set third-party cookies with iframe Facebook Applications June 25

Filed under APIs, Coding, FaceBook, Web by Gath | 12 comments

So you’ve written your facebook application, and you’ve gone the quick’n'easy route by making it an iframe application. The world is your oyster and any day now you’ll have your millionth user. Until you try to write a cookie.

Cookies written by your application will be treated as Third Party cookies by your browser, and in IE6 with the default privacy setting of ‘Medium’, they will be deleted. This can lead to all sorts of problems, from user settings not being remembered to total app breakdown (which, funnily enough, is what happened to me).

As it turns out, there is a simple solution. If you supply a ‘compact privacy policy’ with your page, then IE will treat the cookies with respect and let them through.

To the code

Just add this to the start of your page (every page where cookies will be written):

ASP.Net


HttpContext.Current.Response.AddHeader("p3p", "CP=\""IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\""")

PHP


header('P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"');

via http://aspnetresources.com/blog/frames_webforms_and_rejected_cookies.aspx


If you liked this, then subscribe to my RSS feed

12 comments

  1. Rodrigo Geve Aug 2

    Very cool, .. thanks for the help, you’ve saved me a few hours of digging, and that’s always very appreciated!

    I’ve been developing a Web2.0/Ajax/Google Maps project for months now, and I figured, what the heck, let’s deploy a version on facebook. I just hope I don’t run into any major snags, .. using Iframe technique so I should be OK, .. now I have to figure out the whole authentication thing..

    Do you guys code facebook using PHP? Any java developers out there???

  2. Gath Aug 2

    Hi Rodrigo,

    I code using VB.Net - sorry I can’t be of much help.

    Definitely check out the Developer forums on Facebook, there are heaps of PHP developers there. Not sure about java.

    Good luck with your app.

    Cheers,
    Gath

  3. Ken Aug 4

    This fixed it great in IE. However, I am seeing the same problem in Firefox 2. Has anyone experienced this and/or found a fix?

  4. Michael Dec 23

    Hi Gath,

    thanks for the info, found it very useful. I am contemplating building an application myself, but can you advice on how much money these applications do or can actually generate for their owners?

  5. Aaron Jan 25

    Thanks for this. Saved My Day… :)

  6. khim Feb 20

    how can i put this application in my profiles????

  7. Captain Svejk Mar 21

    Thanks for this compact and well-explained solution.

    I have a mail form and php mail script (with “required field” and email validation code) on a separate server to the main site because the host domain has some kind of issues with sending emails out that they can’t or won’t resolve (supanames, uk).

    My cunning plan of including the form in an iframe (and re-populating the form fields via cookies) was thwarted in IE until I discovered this article.

    Nice one.

  8. Manfred Apr 12

    Great info! It works! Thank you so much! Manfred

  9. Tom Apr 24

    I’ve been looking all day for a solution like this and was on the verge of completely changing how my app works. Thanks Gath, you’re my hero (for today at least!)

  10. Michael Ng Apr 25

    This is a great solution. Thanks Gath.

  11. Eric May 5

    Has anyone found a solution to this problem for Safari?

  1. Easy Cross Domain Cookies (Sharing cookies between domains)

Leave a reply