--- Stanislav Kuhn <[EMAIL PROTECTED]> wrote: > But problem is when I want to include my sctipt to a client > web site. Technically my script is included in frame of html > page on another server. I know, using frames is ..... but > clients are using them very offten and I can do nothing with > that. Problem with sending session id from IE to server > becoming in MEDIUM level of security (which is normally used) > in this case (included in frame on another server) and cookies > are blocked as well.
This is a bit of a guess, but I seem to recall that IE requires a valid P3P policy to be in place before it will include third-party cookies in a request. That's exactly what a URL within a frameset would be considered if the domain is different. Hope that helps. Chris ===== Chris Shiflett - http://shiflett.org/ PHP Security - O'Reilly Coming Fall 2004 HTTP Developer's Handbook - Sams http://httphandbook.org/ PHP Community Site http://phpcommunity.org/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
