ie9 loses cookies after redirect

Question

I have an iframe that:

1. does a post request to server
2. server returns 302 and sets cookie
3. browser not saves cookies but does a post(don't know why not get but it doesn't matter)
4. cookie from #3 are lost

i've found a workaround:

Response.AddHeader("Pragma", "no-cache");
Response.AddHeader("Cache-Control", "no-cache");

but it didn't help. mb anybody knows what can fix this issue?

Answer 1

You may want to look into why your browser is doing a POST rather than a GET, since that implies that there's an important piece of information that you left out. No browser will follow a HTTP/302 redirect with a POST.

In IE9, redirection responses are cached if headers allow (IE8 and below would not cache redirects).

You can absolutely set a cookie on a 302 redirect. There are two possibilities here:

1. Your cookie is getting dropped because you failed to supply a P3P Header on the response indicating that your privacy practices are compatible with the user's desires.
2. Your redirection response is getting pulled from the user's cache, not the server, and the cached response didn't set a cookie.

Given that you're having this problem in an IFRAME, #1 seems more likely. (See Quick Look at P3P)