[keycloak-user] JavaScript client, iframe and IE
Stian Thorgersen
sthorger at redhat.com
Thu Apr 14 08:54:37 EDT 2016
Are you talking about the session iframe used by the JavaScript adapter or
something else?
On 14 April 2016 at 14:47, Thomas Raehalme <thomas.raehalme at aitiofinland.com
> wrote:
> Hi!
>
> Has anyone encountered any problems with a JavaScript client running on
> Internet Explorer?
>
> It seems that IE applies some restrictions regarding <iframe /> and
> cookies. Unless the Keycloak server in question returns a P3P header, IE
> does not allow any cookies to be set by Keycloak inside the <iframe> on a
> JavaScript client.
>
> Here's Microsoft's blog post regarding the issue:
>
> https://blogs.msdn.microsoft.com/ieinternals/2013/09/17/a-quick-look-at-p3p/
>
> If I have understood correctly IE doesn't really care about the header's
> value as long as it has been set. For example Google returns:
>
> P3P: CP="This is not a P3P policy! See
> https://www.google.com/support/accounts/answer/151657?hl=en for more
> info."
>
> What do you think, should Wildfly in the Keycloak distribution add the P3P
> header by default?
>
> Best regards,
> Thomas
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160414/9e891157/attachment.html
More information about the keycloak-user
mailing list