[thelist] IE discards cookies if no-cache?

Simon Perry thelist at si-designs.co.uk
Thu Jan 27 15:46:34 CST 2005


Dougal Campbell wrote:

> I haven't had time yet to try creating a compact P3P policy and 
> testing whether it affects the browser's behavior. But as a 
> data-point, when I viewed the original SSL page, View/Privacy Report 
> said that cookies were allowed. And in fact, the browser *would* get 
> the cookie, it's just that it didn't save it beyond the current 
> browser session.
>
IE downgrades any cookie that doesn't comply with the users privacy 
settings to a session cookie. My bet would be that your privacy policy 
may not cover the domain / sub domain that your SSL site is hosted on. 
Although browsers should consult the full policy if a compact one can't 
be found I believe that one of IE's "quirks" is not bothering to check 
anything but the compact policy!

Simon


More information about the thelist mailing list