cookie authentication

dekart · Apr 1, 2011 · 023ff57 · 023ff57
1 parent 814a041
commit 023ff57
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -60,6 +60,13 @@ If you are using Rails 3, put this line of code inside your `config.ru` file :
 
     use Rack::PostCanvas
 
+Also, if you plan on supporting IE 6/7 and use cookie authentication, you should add a P3P header to your response in order for IE to accept the cookie :
+
+    before_filter :set_p3p_header_for_third_party_cookies
+
+See [this blog post](http://www.softwareprojects.com/resources/programming/t-how-to-get-internet-explorer-to-use-cookies-inside-1612.html)
+and [this forum thread](http://forum.developers.facebook.net/viewtopic.php?id=452) for details.
+
 Contributing
 ------------
 

diff --git a/lib/facebooker2/rails/controller.rb b/lib/facebooker2/rails/controller.rb
@@ -195,5 +195,12 @@ def set_fb_cookie(access_token,expires,uid,sig)
         cookies[fb_cookie_name] = { :value=>value }#, :expires=>expires}
       end
     end
+
+    # For canvas apps, You need to set the p3p header in order to get IE 6/7 to accept the third-party cookie
+    # For details http://www.softwareprojects.com/resources/programming/t-how-to-get-internet-explorer-to-use-cookies-inside-1612.html
+    def set_p3p_header_for_third_party_cookies
+      response.headers['P3P'] = 'CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"'
+    end
+
   end
 end