工作中遇到的問題 從本域A iframe另一個域的頁面（是登入頁） 驗證碼總是提示錯誤 (IE下才有問題，因為那個頁要activex 所以開始沒懷疑session) 經過排查確定是iframe裡的頁面生成的cookie是儲存不住的；

測試用例如下：
A域頁面程式碼 ：
  <iframe src="http://B/p3p.php"></iframe>   

B域頁面

 <?php
session_start();
if(!empty($_GET['test'])){
  var_dump($_SESSION['p3p']);
}else{
 $_SESSION['p3p'] = 'room';
 echo "<a href='?test=1'>test</a>";
 var_dump($_SESSION['p3p']);
}
?>
IE下點選IFRAME裡的連結 打印出NULL
因為IE裡iframe是不傳輸stored_cookie的
資料原文:
The problem lies with a W3C standard called 

Platform for Privacy Preferences or P3P for short. You can read all about the boring stuff via the link or else just install the P3P Compact Policy header below. This will allow Internet Explorer to accept your third-party cookie. You will need to send the header on every page that sets a cookie.

解決方法是輸出個header

PHP:

header('P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"');

ASP.NET:

HttpContext.Current.Response.AddHeader("p3p","CP=/"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT/"");

JSP:

response.addHeader("P3P","CP=/"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT/"")

試驗在設定session的地方輸出header即可
 .....
  header('P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"');
  $_SESSION['p3p'] = 'room';
.....



參考:http://adamyoung.net/IE-Blocking-iFrame-Cookies
     http://www.w3.org/P3P/