search

thanhlong203 / closure-library

Automatically exported from code.google.com/p/closure-library
0 stars 0 forks source link

net.xpc.CrossPageChannel.createPeerIframe does not allow third-party cookie writing in Safari under default settings when the peer frame is an alternative domain #351

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago 

What steps will reproduce the problem?
1. Clear cookies in Safari
2. call net.xpc.CrossPageChannel.createPeerIframe to load a x-domain page in 
the iframe that sets a cookie
3. check to see if cookie gets written

What is the expected output? What do you see instead?
Expected: cookies writing (behavior is FF & Chrome, IE requires a special p3p 
header)

What version of the product are you using? On what operating system?
Safari 5.0.5, OSX 10.6.8

Please provide any additional information below.
The behavior is well know and documented here.
http://code.google.com/p/browsersec/wiki/Part2#Third-party_cookie_rules

Original issue reported on code.google.com by a...@google.com on 26 Jul 2011 at 11:06