Here's the situation:
- Site front-end hosted by SquareSpace.com CMS
- Core functionality for service provided on Amazon EC2
- Display Amazon-hosted HTML documents via <iframe> on SquareSpace site
- Amazon-hosted HTML functionality is broken (can't even login) because that domain (just an IP address) can't write cookies when the site is hosted inside a frame.
- It works on other browsers that are less strict with third-party cookie handling.
- If I open IE cookie settings and "allow all cookies", or at least "allow all from" my Amazon IP address, the site works perfectly. But I don't want my users to have to do this.
I have been reading into the P2P Compact Privacy Policy, and it is my hope that if I include this, my site will work with the default IE cookie behavior. But I can't figure it out. Is it simply a matter of a META tag for the policy? And if so, where do I put that tag -- on the squarespace site, or the HTML document that loads inside the iframe?
Thanks for any pointers,
Shawn
Shawn Keene