Vanilla 1 is no longer supported or maintained. If you need a copy, you can get it here.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Vanilla Cookies Blocked by IE

edited February 2007 in Vanilla 1.0 Help
Hi there, I have a new Vanilla Forum up and running, but IE is blocking the cookies by default. This is causing login problems and is confusing forum users. No explicit message or pop-up is displayed regarding this cookie block, but if you double click on the privacy icon (eye) you get the blocked cookie message. The website is This URL runs as a mask on top of We suspect that the URL masking is causing the cookie-block issue. Privacy Report Summary from Internet Explorer. "Could not find a privacy policy for To view this site's privacy policy, contact the Web site directly." Any comments, suggestions or feedback is greatly appreciated! Thank you, Wesociety


  • MarkMark Vanilla Staff
    What version of vanilla are you using?
    What are your cookie settings (look on the settings / globals form)?
    Where is Vanilla set up on your server (ie. web accessable directory)?
  • ithcyithcy New
    edited June 2006
    //edit: what mark said
  • Hello and thank you for your help! I am running version Web-path to Vanilla is Cookie domain is If I change the cookie domain to would this break the login ?
  • I'd suggest trying either or (with the prevailing . ) and see which gives best results.
  • MarkMark Vanilla Staff
    edited June 2006
    I don't think it would break the login, no. People would have to re-authenticate when they return to the forum, though.

    I'd give that a shot. You can also try the domain minus the www at the beginning: (note the dot at the beginning). That will ensure that people typing into their web browser get authenticated properly as well.
  • edited June 2006
    Hi minisweeper & Mark, Thanks for the suggestion, but that did not fix the problem. Any other suggestions?
  • Did you clear out all your existing cookies before re-testing it?
  • edited June 2006
    Yes, existing IE cookies were deleted and the issue persists.
    Here's a screenshot with the blocked notice and Cookie settings in a window behind that.

    Image Hosted by
  • What exactly does it mean by 'privacy policy' ? It might not be an issue with the cookies as such, just that it wont accept them for another reason?

    also, should i keep the capital M in my name? i cant decide
  • in IE, if you go to Tools->Internet Options->Privacy tab, what does it say?
  • edited June 2006
    The default Internet Explorer options are used. I have duplicated the issue on multiple computers that use default IE 6 settings. Privacy level is set to Medium. Mark, do you have any other suggestions? :)
  • Update: We decided to cutover the site to one of our other webhosts. Now we don't have the URL masking and the cookie issue in IE has dissappeared. Thanks to all for your comments and suggestions.
  • Werd up. I wonder how to solve it with the maskin in place?
  • Possible way to solve with masking in place: Since it can't find a privacy policy, you can probably set up a compact privacy policy (see P3P page at W3C) to make the warning go away.
  • OH NO! Microsoft is blocking Vanilla's cookies, because they want to be in the forum scene as well!! :D You'll see! Next month they'll come up with their own ForumLive software which integrates with IE... bah :P
  • edited June 2006
    I had the same problem. However, I found out that this was not caused by a missing p3p file, but by redirecting: my domain was redirecting to my other domain to save hosting costs - but in a frame, so was preserved in the location bar of the browser. IE did not like this. So I changed to a normal redirect and the issue was solved.

    edit: should have read better ;-)
  • I had a similar problem today - turned out to be nothing to do with Vanilla. I was using an underscore in my domain name - this character is not valid for domain names. I was just testing this locally, and the domain name i chose was "". Firefox didn't have a problem with it - but IE would silently reject cookies - so the symptom was you sign in ... and .. you're not signed in! very frustrating. Changed the domain name to "" (hyphens are allowed) .. and it works! :D (this is a duplicate posting - also
This discussion has been closed.