Módosítások

In some browsers, the IFrame-driven front-channel logout doesn't work due to the browser blocking [http://en.wikipedia.org/wiki/HTTP_cookie#Third-party_cookies third party cookies]. As of today, no browser is blocking these cookies by default, but with higher privacy settings they definitely do it.

Every cookie which is sent to a foreign domain via img, iframe, script, etc. tags is considered to be third party, so the session cookie of the SP software in a foreign domain is third party cookie when it is sent in an IFrame. By blocking these cookies, the SP doesn't receive the session cookie and thus it could stop processing the logout request at this point.

Additional links: * [http://n2.nabble.com/Frames-cookies-question-td4127538.html#a4127538 Shibboleth-dev thread on the issue], * [http://support.mozilla.com/en-US/kb/Disabling+third+party+cookies How to disable third party cookies in firefox]* [https://bugzilla.mozilla.org/show_bug.cgi?id=417800#c11 Additional explanation in Mozilla Bugzilla]* [http://code.google.com/p/browsersec/wiki/Part2#Third-party_cookie_rules Further information on third party cookie handling]* [http://code.google.com/p/browsersec/wiki/Part2#Same-origin_policy_for_cookies Same origin policy for cookies]