Facebook iframe not working in IE; session/login issue?

Question

I have an issue with my Facebook canvas iframe application.

I\'m using sessions to build a simple questionnaire-style application. There\'s a question on each page, when

Answer 1

I suggest a different approach to this problem, without using P3P headers or other odd stuff. The problems arises because the two applications are hosted on different domains. In particular, when your application needs to start session or to save a cookie on the client, any cookies or sessions you set will be considered ’3rd-party’. The only way you can successfully set sessions or cookies is if your users have visited your domain previously.

So my solution is:

• the hosting application instead of showing the page with the iframe, it previously calls your application with a particular URL (ex: www.yourappsite.com/customer=9rUwkNmawUELbB2).
• your application checks the token and verifies if it is valid (this step only if you need to discriminate among different customers)
• if ok, sets a cookie on the client (you can do that because your app in not yet in an iframe)
• it then redirects the user to the original URL (the one which has the iframe that calls your app again).

From now on (until the first cookie is on the client) you can use sessions and cookies even if you are hosted in an iframe because your application is now trusted.

I successfully solved the issue without using P3P.