I really not sure, still on IE6... but no one is talking so I'm going to
guess.
I think so, but I dont use IE7 so who knows.... but have a look at this
article
its ASP, but its easy reading and explains the concept....
http://www.15seconds.com/issue/971108.htm
and then look up setDomain in javax.servlet.http.Cookie
Before you buy domain names, you could test it from 2 machine in the
office.... just set domain names in the HOSTS file in system32/drivers/etc
Only thing I could find on IE7 was this... its set to medium, which
means.....
Medium High Cookies from third-party websites that do not have a
compact policy (a condensed, computer-readable privacy statement) will
be blocked.
Now if the above doesnt work, then I think nothing will.... so then I would
put a (condensed, computer-readable privacy statement) on the web server,
dont ask me how, must be in the help files.... but it would say.... "To stop
this irritating Microsoft message.... change your setting to Cookie Low"....
ha ha.
I think your domain idea will work....
Have you guys noticed how much Antivirus Stuff microsoft is updating....
this whole security thing is driving me nuts, like other day I opened an old
web page I had with (file) links to files on local machine... those links
dont work anymore.... blocked.
Seems like Bill wants to kick Norton and Avast and the others out of
business, as they decide to become their own (one and only) AntiVirus
producer.
I think developers need to watch this area, because as MS close holes and
string their antivirus program together, in the process programmers finding
all sorts of new issues. Good time to sell your Norton shares... nasty Bill
is coming... I think.
----- Original Message -----
From: "john hufnagle" <[EMAIL PROTECTED]>
To: <users@tomcat.apache.org>
Sent: Tuesday, April 03, 2007 3:35 PM
Subject: Session Cookie and IE7
A partner of our company has a web site that includes HTML generated by our
Tomcat web app.
They use an <iframe> to contain our Tomcat generated HTML. The problem is
that IE7 (works correctly for Firefox & IE6) blocks the jessionid cookie
because it is a third party cookie.
If we have our site registered as a sub-domain of their domain is it
possible for me to explicitly set the domain on the session cookie that
Tomcat creates? I would like to be able to set the domain to be the parent
domain of us and our partner company. I have done some searching of the
archives and API and I don't see anyway to accomplish it.
Any help appreciated.
Thanks
John
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
