Problem: “Cookie disabled” pop-up in IE7 when using Alfresco share in an iframe.

Summery: You need to add a P3P header to all responses from Share. The P3P header must link to an XML file which tells IE to allow the iframe to have its own cookies.

The easiest way to do this is to proxy Alfresco share through Apache and use mod_headers to add the header to every request.


Create a subdomain and point it at the server, this will be the domain sourced in the iframe.


<VirtualHost *:80>
  DocumentRoot /home/ubuntu/share
  ProxyRequests off
  ProxyPass /w3c/ !
  ProxyPass /
  ProxyPassReverse /
  ProxyPreserveHost on
  Header add p3p 'P3P:policyref="/w3c/p3p.xml", CP="NID DSP ALL COR"'
</VirtualHost> must respond with a P3P XML file which tells the iframe to allow cookies.

The easiest way to do this is to add the file to the DocumentRoot of the share VirtualHost, i.e /home/ubuntu/share/w3c/p3p.xml

Note /home/ubuntu/share is an arbitrary empty directory and not related to the Share/Alfresco install.

<META xmlns="">
    <POLICY-REF about="#policy1">
    <POLICY discuri="" name="policy1">
          <DATA ref=""></DATA> 
          <DATA ref=""></DATA> 
      <!-- if the site has a dispute resolution procedure that it follows, a DISPUTES-GROUP should be included here -->
          <DATA ref="#dynamic.clickstream"/>
          <DATA ref="#dynamic.http"/>


Update hosts file so requests from server to are not routed out to the internet back, but just forwarded to


Check it works: