Are you talking about the session iframe used by the JavaScript adapter or something else?

On 14 April 2016 at 14:47, Thomas Raehalme <thomas.raehalme@aitiofinland.com> wrote:
Hi!

Has anyone encountered any problems with a JavaScript client running on Internet Explorer? 

It seems that IE applies some restrictions regarding <iframe /> and cookies. Unless the Keycloak server in question returns a P3P header, IE does not allow any cookies to be set by Keycloak inside the <iframe> on a JavaScript client.

Here's Microsoft's blog post regarding the issue:
https://blogs.msdn.microsoft.com/ieinternals/2013/09/17/a-quick-look-at-p3p/

If I have understood correctly IE doesn't really care about the header's value as long as it has been set. For example Google returns:

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/answer/151657?hl=en for more info."

What do you think, should Wildfly in the Keycloak distribution add the P3P header by default? 

Best regards,
Thomas

_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user