We use cookies to help make our site work properly and to analyze how our site is used. Some are optional, but none contain your personal information, and we don't use any for ads. You can view our cookies policy, manage your cookie preferences, or consent and dismiss this banner by clicking agree:

Agree
ExpressionEngine CMS
Open, Free, Amazing

Thread

This is an archived forum and the content is probably no longer relevant, but is provided here for posterity.

The active forums are here.

Login form inside iframe not working in IE

September 02, 2013 7:47am

Subscribe [1]

  • #1 / Sep 02, 2013 7:47am

    srj.agency

    13 posts

    Hi ladies and gentlemen,

    So I’m building this Facebook app running on EE. At some point in the app, users need to log in to an EE account. Works fine in every browser, except for IE.

    My facebook app runs inside an iframe (Facebook page tab), and this seems to be the problem. I’ve made a super simple template for testing with a normal exp:member:login_form, which returns to itself:

    {if logged_in}
 Hi {screen_name}!
 {/if}
 {exp:member:login_form return="start/login"}
                 <label>Username</label>

                 <input type="text" name="username" value="" maxlength="32" size="25">
                 <label>Password</label>

                 <input type="password" name="password" value="" maxlength="32" size="25">
         <input type="submit" name="submit" value="Submit"></p>
 {/exp:member:login_form}

    Obviously, this login form works perfectly fine when not in an iframe. However, when inside an iframe, the login form simply returns to itself, but doesn’t display “Hi {screen_name}”, indicating that EE thinks you’re not logged in. I think the iframe is not allowed to set a session id by Internet Explorer.

    When I target the login form directly (outside of an iframe), log in, and then refresh the iframed login page, it suddenly does recognize the user.

    What should I do to allow the iframed login form to actually log a user in? And why is it that any browser works fine, except for IE?

    Thanks a lot!

     

  • #2 / Sep 03, 2013 5:07am

    srj.agency

    13 posts

    Okay, so I’ve continued to Google for about half a decade and everything is pointing towards P3P headers: I need to send a P3P header (and policy) from the iframed page so that Internet Explorer trusts its cookies.

    Now the problem is: I can’t. Well - I can send the header from the page with the login form, but then the redirects don’t send the header meaning the cookie is blocked anyway.

    So; new question: how can I make sure the P3P headers are sent from the redirect pages as well? I tried sending them from the Design > User messages template, but this doesn’t allow PHP.

    Is there a way I can make sure *any* page generated by EE sends the P3P headers?

.(JavaScript must be enabled to view this email address)

ExpressionEngine News!

#eecms, #events, #releases

© Packet Tide, All Rights Reserved. Legal Notices

Username

Password

Forgot password?
or Register