<div dir="ltr">Hi!
<div><br></div><div>Has anyone encountered any problems with a JavaScript client running on Internet Explorer? </div><div><br></div><div>It seems that IE applies some restrictions regarding <iframe /> and cookies. Unless the Keycloak server in question returns a P3P header, IE does not allow any cookies to be set by Keycloak inside the <iframe> on a JavaScript client.</div><div><br></div><div>Here's Microsoft's blog post regarding the issue:</div><div><a href="https://blogs.msdn.microsoft.com/ieinternals/2013/09/17/a-quick-look-at-p3p/">https://blogs.msdn.microsoft.com/ieinternals/2013/09/17/a-quick-look-at-p3p/</a></div><div><br></div><div>If I have understood correctly IE doesn't really care about the header's value as long as it has been set. For example Google returns:</div><div><br></div><div>P3P: CP="This is not a P3P policy! See <a href="https://www.google.com/support/accounts/answer/151657?hl=en">https://www.google.com/support/accounts/answer/151657?hl=en</a> for more info."<br></div><div><br></div><div>What do you think, should Wildfly in the Keycloak distribution add the P3P header by default? </div><div><br></div><div>Best regards,</div><div>Thomas</div></div>