Safari 5.1.4 enforces cookie policy

If you’re familiar with coding iFrame Apps for Facebook, you might be interested in this:

“An issue existed in the enforcement of its cookie policy. Third-party websites could set cookies if the “Block Cookies” preference in Safari was set to the default setting of “From third parties and advertisers”.“

In short: before 5.1.4 you were able to trick Safari with a cookie set through JavaScript or a .htaccess to prevent losing the session. Sadly, this no longer works. I’d be quite interested if Facebook is going to provide a solution or a new workaround.

See also on Stack Overflow: Safari 3rd party cookie iframe trick no longer working?

There’s a solution. I load this script (slightly modified) along with the permission dialog and it works fine. It’s not the most beautiful method, but it’s solid and the user shouldn’t notice.

Update 2
I enhanced the script a little bit to only fire in Safari:

function setCookie()
     {if (navigator.userAgent.indexOf('Safari') != -1 
     && navigator.userAgent.indexOf('Chrome') == -1

safari.php is where you set the cookie.

Leave a Reply

Your email address will not be published. Required fields are marked *