12

I am running a Drupal 7 site and am noticing a problem on IE9, when the browser window is closed the user is logged out. We have "remember me" module enabled and the cookie is set to not expire. There is no issue on Chrome or any other browser, you can close browser and when you open it the user is still logged in. I do not not see this problem on any other D7 website I run using this same browser and computer. The host is Blackmesh.

settings.php has $cookie_domain = '.mydomain.com'; I am thinking of changing this to $cookie_domain = 'www.mydomain.com'; as the site always redirects to www this makes sense to me and is what me and my sys admin friend agree on.

One potential solution I am thinking about is setting cookie domain in settings.php $cookie_domain = 'www.mydomain.com';

I am noticing there are some cookies on the site being served from www.my domain and some from .mydomain

I found some threads that seem to have vaguely similar problems.

http://forums.modx.com/thread/76947/ie-login-issue-with-www-vs-non-www-address

https://www.drupal.org/node/280623

Fjodr
  • 919
  • 13
  • 32
Alex Borsody
  • 1,908
  • 9
  • 40
  • 74
  • Have you checked your *Internet Options* to see if [*"Delete browsing history on exit"*](http://i.imgur.com/Hzw035F.png) is checked? – Sampson Jun 08 '15 at 06:35
  • This issue is ONLY on this site not another D7 site so the problem is on the site not anything in the browser. Users coming to this website are reporting problems, it is something only with this site not with other D7 sites. This problem is not happening on other sites, using IE9 on this computer. – Alex Borsody Jun 11 '15 at 16:22
  • settings.php has $cookie_domain = '.mydomain.com'; I am thinking of changing this to $cookie_domain = 'www.mydomain.com'; as the site always redirects to www this makes sense to me and is what me and my sys admin friend agree on. – Alex Borsody Jun 11 '15 at 17:31
  • Give that a shot, and please let us know here how it works for you. – Sampson Jun 11 '15 at 17:55
  • Thanks for the suggestion I have cookies set to 23 days right now – Alex Borsody Jun 11 '15 at 21:38
  • your cookie is still present on reload ? do you have any site example ? to let us debug it – intika Jun 12 '15 at 15:38
  • Internet Explorer does not set cookies on domains or subdomains with underscores (_). Maybe that is the case with your domain? – Lain Jun 17 '15 at 14:14

1 Answers1

3

There shouldn't be any issue with the cookie domain being .mydomain.com instead of www.mydomain.com because cookies set on the root domain should work properly on any "subdomain" such as www, though it wouldn't hurt to try because it's simple to change.

Depending on the cookie privacy settings in IE, it might be that the cookie is not getting saved for this site if a proper P3P header isn't being sent. For testing I'm pretty sure you could use p3p: CP="CAO PSA OUR" (so in .htaccess put Header set P3P 'CP="CAO PSA OUR"'. I don't know what the correct P3P would be for your case if this is in fact the issue, but this was one that I've seen work for a different "only IE is blocking cookies" issue. You might need to research it a little if this doesn't work.

If this is the issue, then for using it in production make sure it truthfully represents your privacy policy (check out http://www.techrepublic.com/blog/software-engineer/craft-a-p3p-policy-to-make-ie-behave/).

A hint that cookies are being blocked is if you see a privacy eye icon in the status bar (if I recall correctly I think it looks like http://divabradford.org.uk/media/36647/ie_privacy.jpg).

falsarella
  • 12,217
  • 9
  • 69
  • 115
Jaffer Wilson
  • 7,029
  • 10
  • 62
  • 139