I am developing a portal using Omeka (based on Zend Framework) which is running on a different URL in an iFrame and am running in an issue with IE rejecting the session cookies if the Privacy Setting is anything higher then low.
I added <?php header('P3P: CP="ALL DSP COR CUR ADM TAI OUR IND COM NAV INT"'); ?> to the header page of my theme, but when I check with Fiddler it says that the Cookie was sent without the P3P header. I suspect that is because the cookie gets set before the theme header gets initiated.
Where would be the best place to make include the P3P code to make sure they get sent along with the cookie itself? Can that be set in bootstrap.php or is there another place? I tried to set it on the server level, but that seem to send my Apache server into Nirvana. The application Omeka is based on the Zend framework.
Thank you for any input.
I initially looked in all different places to set the headers such as the
header.phpof my theme, theUsersController, etc. somebody pointed out the most obvious :the
index.phpfile in the application root folder.So I set it even before the call to
bootstrap.phpand it now works - the P3P headers get send with the cookie.