Skip to main content


Showing posts from January, 2008

Why IE rejects your cookies for no apparent reason

Seriously, WTF . I'll summarize for those of you who are allergic to MSN knowledge base articles, although this one is fairly to-the-point: If you implement a FRAMESET whose FRAMEs point to other Web sites on the networks of your partners or inside your network, but you use different top-level domain names... IE silently rejects cookies sent from third party sites. This bit me today while adding facebook support to my text-based game -- I'm going the IFRAME route for fb support rather than rewrite the whole app in FBML thankyouverymuch, and yes, apparently IFRAME counts too for IE retard-mode. What makes me cry a little inside is not the two hours spent deep in old and crufty login and cookie-setting legacy code wondering what the flaming hell was going on. No, what makes me cry is that I got screwed by a setting that will never block the bad guys, because labeling yourself a good guy is entirely voluntary . It's like someone at MS read the evil bit RFC and took