Skip to content

How to get IE to accept third party cookies

Third party cookies are most often used by ad serving companies, because they are set by an image or other resource that can be pulled from a different domain, they are one way of tracking behavior across websites.

A short example: If I visit site A (www.foo.com) and site B (www.bar.com) and they both pull an image from site C (www.baz.com), it can set cookies for the site C domain (.baz.com), with a value of siteA or siteB.  Then when I visit site C, it ‘knows’ that I’ve been to sites A and B.

This can be sinister (see the wikipedia link above for privacy concerns).  However, if you have multiple web properties, then you may want to tie user behavior together across properties.  Third party tools like Google Analytics offer one way to do this, but if you want custom application behavior, then third party cookies are probably the way to go.

Firefox (at least my version of firefox, without any add ons or options changes) treats third party cookies much the same as first party cookies; that is, they just work.  However, IE requires a bit more hoop jumping, as they check the p3p compact policy.  A compact policy is basically a header you set which looks like this: P3P: CP="CAO PSA CONi OTR OUR DEM ONL".  I looked around for an easy explanation of what the various values are and how to set them in a coherent manner, but didn’t run into anything very useful.  However, I finally stumbled on this tutorial, which points you to this IBM software, which you can use to create a compact policy.  The tutorial also walks you how to use that software, which is not entirely intuitive.

As far as I can tell, IE doesn’t actually check for the existence of the corresponding policy file, nor does it care if the site does what the p3p header says it does, but it does require a valid compact policy.

After you’ve added that header, IE (versions 6-8) will accept your third party cookies.

[tags]third party cookies, compact policy, howto[/tags]