Fix IE Blocking iFrame Cookies Problem

by Weijie JIN on

For security reason, Internet Explorer block the cookie manipulation of a page when the page is inside an iframe. This is really ridiculous because the two frames are totally two different sites and the security policy has already block the dom operation between the two frames. Why block the cookie operation inside the iframe itself? Other browsers don’t have such issue. So, IE really really sucks.

But the major users are using the f**king, so we have to face the problem.

Here’s my steps( I assume we have two sites and to resolve this issue by creating a policy for IE:

1. Download the IBM Privacy Policy Editor from (I also set it in the sample package)

2. Create a folder “w3c” in root.

3. Open the editor, select “Create a policy from a template”, and click “OK”.


4. Select the template “Access logging & user tracking”, and “OK”


5. Here’s the policy file we have.


6. Save the policy file to “w3c” folder as “privacy_policy.p3p”


7. Choose “File” -> “Save Compact Policy As…”, save the compacted policy to a text file, we say “privacy_policy.txt”, we’ll use its content as http header later.

8. Also in “w3c” folder, create a p3p.xml file, we’ll set this file path in the http header, p3p.xml content:


9. This time I use a aspx file to add an http header, so I change the comptanoo.html to comptanoo.aspx.


10. In the comptanoo.aspx, I set a header:


11. Run the again, we can find that we CAN set/get cookie now in Comptanoo.aspx


12. If we remove the header, cookies will be blocked again:


I attached all the files; also the IBM Privacy Policy Editor is enclosed. Please download here:

  • mike moseley


    Hope that you are doing well. Thank you for the great cookie/policy information. What if one cannot place the required file in the ‘root directory?’ We are working with a Google Site, and it appears that the policy is being dropped or redirected via Internet Explorer. The result is desired content in an iFrame is not being displayed. Do you have any thoughts about how to resolve this?

    Thank you,


  • jinweijie

    Hi Mike,

    Sorry, but as far as I know, you have to have the root directory privilege to do that.


  • Nadav

    Hi Weijie

    The link for the IBM policy editor seems not to work.

    Do you have an up-to-date link?

    Thanks you


  • jinweijie

    Sorry, I don’t have…

  • Flavio

    I trying to solve the Cookies issue with IE.
    I have a site with That has a Iframe tag linking to
    I did all steps your excellent tutorial, but i still have the same problem when I send login and pw to the second site.
    If you can Please respond to my e-mail:
    this way I can send some code and oder informations.
    Flavio Sampaio

  • jinweijie

    Hi Flavio,

    Have you run the sample successfully in the download link?



Previous post:

Next post: