yakovsh/2004_10_12-ie_cookies.html

## 2004_10_12-ie_cookies.html
<!--
Recently I had a weird problem while using Tomcat - sessions would get lost when using Microsoft's Internet Explorer.
Since Tomcat stores the session id as JSESSIONID cookie, the session would get lost when the cookie is not stored.
Same behavior occurs with other web servers including IIS and Resin.

After further research, it seems that IE does not store cookies at default privacy settings unless a P3P policy is
provided for the site. In order to bypass this problem, a basic P3P policy needs to defined and included in the site.
I used IBM's P3P editor to generate a basic P3P XML policy file and the following snippet of HTML code to enable it.

This is still true as of 2011: [http://blog.toppingdesign.com/2011/11/18/ie-iframe-p3p-cookies-oh-my/]
-->

<link rel="P3Pv1" href="http://www.somesite.tld/policyfile.xml" mce_href="http://www.somesite.tld/policyfile.xml">
	<!--
	Recently I had a weird problem while using Tomcat - sessions would get lost when using Microsoft's Internet Explorer.
	Since Tomcat stores the session id as JSESSIONID cookie, the session would get lost when the cookie is not stored.
	Same behavior occurs with other web servers including IIS and Resin.

	After further research, it seems that IE does not store cookies at default privacy settings unless a P3P policy is
	provided for the site. In order to bypass this problem, a basic P3P policy needs to defined and included in the site.
	I used IBM's P3P editor to generate a basic P3P XML policy file and the following snippet of HTML code to enable it.

	This is still true as of 2011: [http://blog.toppingdesign.com/2011/11/18/ie-iframe-p3p-cookies-oh-my/]
	-->

	<link rel="P3Pv1" href="http://www.somesite.tld/policyfile.xml" mce_href="http://www.somesite.tld/policyfile.xml">