Why can't I set a third-party cookie in Firefox 3?

1
votes

I can set first-party cookies just fine, but third-party cookies aren't being accepted by Firefox 3.6.16.

<?php
  setcookie('test', 'value', time() + 3600, '/', '.mydomain.edu');
  setcookie('anothertest', 'value', time() + 3600, '/', '.google.com');
  header('P3P:policyref="/w3c/p3p.xml",
  CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"');
?>

So the cookie test=value is being set with the proper domain. However my attempts to set a cookie for .google.com are being rejected by the browser. Note:

  • I have third-party cookies enabled in the browser
  • I have included a compact privacy policy
  • I have used a P3P validator to ensure that my policy is valid
  • I have used Tamper Data to ensure that the P3P header is being sent and that the Set-Cookie header contains the third-party cookie.

I'm very new to all of this, but from my reading this should be possible given the above. I know that setting a cookie from an iframe is considered third-party as well, but the wikipedia entry implies that I should be able to set a third-party cookie via this technique as well.

Any ideas?

1
firefoxcookies
No modern day browser will accept cookies for a third-party site. That goes against security.Black Frog
@Frog: Wikipedia claims that they are accepted by default provided a P3P policy is issued by the server. Is this wrong? en.wikipedia.org/wiki/HTTP_cookie#Browser_settingsFixee

1 Answers

0
votes

Firefox does accept 3rd party cookies unless you have it turned off under Options->Privacy