@#$%#$% Apple (in General)

Fresh off battling to get IE to recognize CB cookies I test Safari (on Windows) and it's eating our cookies too.

Please just follow the RFC guys.

Nothing useful to say here, just venting.

I wrote a site tracking system for my company similar to Google Analytics, we originally dropped cookies on a domain that we owned. In order to minimize the cookie blocking of our third-party cookie we implemented a very strict and complete p3p policy and this dropped our block rate from roughly 25% to 10%, but that was still too high for our purposes.

So, we decided to implement javascript cookie handling (which drops first party cookies only). The javascript cookie DOM is quite limited but we were able to get it to do what we needed.

I am pretty sure that if you got a good p3p policy in place, that would help you with the dropping cookies from a frame or frameset issue.

Ultimately, it would be ideal for you to drop a cookie from the first party domain, but if that is not possible, I would suggest putting in place a rock solid p3p policy.

We used the site below to help us create our policy and to have them check it and verify we had implemented it correctly.

http://www.p3pwriter.com/default.asp

is that the problem I got a few days back? Getting thrown back over and over using the IP address?

Fined Jonathan $3.17 CBD for using expletive characters.

Not really. Yeah, Apple seems to suck quite a lot when it comes to things like that...certainly not any better than Microsoft!

Fined sutekh $3.17 CB for imitating a real admin.
Fined myself $3.17 CB for imitating a real admin.
Applied head slap to self for imitating a real admin again.
Awaits Brent's ruling on this post.

Glory: I wasn't clear. Safari is not frustrating b/c it's pulling more of the p3p crap IE was. It's frustrating because *it doesn't even work direct to CB.*

Ok, I gotcha now. Safari is a pathetic browser at best. I feel your pain. The saddest thing about Safari is that Safari on Windows is not even close to Safari on Mac, sites or pages or functionality that work in one, do not always work in the other. It reminds me of the old IE5 on a Mac *shiver*.

Curious.. does it work in Konqueror?

I dunno, safari on my iTouch seems to work... Well at least I can fight/forge on it, but it's slow, considering I have to hit "fight" and then hit the scroll down list, choose the next target, then hit fight again. Rinse and repeat

Konqueror seemed to work fine when I tried it 1-2 months ago.

Don't know if the various layout changes could have affected it, though.

Konqueror has not worked and still doesn't work for CB. Not having a functional 'fight' button makes it very hard to qualify CB on Konqueror as 'working'. Another thing that doesn't work is the 'find a user' popup (which is now hidden under 'Community' instead of the sidebar). This makes it very difficult for me to consider Konqueror as a secondary browser for admin work.

Jonathan, can you please stop forcing CB to be accessed as 'www.carnageblender.com' only? This makes it impossible for me to be logged into CB twice (for example when using 'Become this user' in 1 session).

i say apple sucks overall

bartjan: sorry, the more I get into the cookie problems some people have been having the more I'm inclined to force people to www.cb.com.

The problem is that if a browser gets one cookie from www.carnageblender.com, and another from carnageblender.com, it will send *both* back when accessing www.carnageblender.com. If they are from two different users (either b/c the machine is public or b/c someone was testing the fb stuff) then neither one will be able to log in.

I suggest using a separate browser for "become this user" admin tasks. Opera and FF both work fine, for instance.

Fortunately I just found out that Iceape apparently works for CB (I'm out of BA, so didn't test fighting...).

Can't you give the cookie a different name depending on the referrer value?

The cookie handling code is old and fragile. I want to mess with it as little as possible.

Reminds me of the large number of 'legacy' servers we have at work. Customers just don't seem to care to upgrade, despite the fact that IBM (I work on AIX servers at a large bank) no longer supports them and for us it's also just "best effort".
My suggestion was to have them all crash on February 29th and blame it on the leap year ;)

bart - I still have to do development on VAX at times................. AIX would be a welcome "upgrade"

Bart, can you hold out until 2038? Will the "unix bug" affect them?

The VAX! My first "real" programming platform in college! Show Users /ALL!

seems that the problem was CB setting cookie domain to "carnageblender.com". Setting it to ".carnageblender.com" (with the extra dot in front) makes Safari happy.

Hopefully this won't make many people have to clear out their cookies *again.* :)