Issues with iframes

Interface Problems

• If the parent frame is not using https, the user will not see a padlock and will think that the registration form they are using is not secure
• If the first page of a form is secure but not a subsequent page, the browser URL bar will still display the site as secure, as the parent frame has not changed.

Browser/Cookies Issues

• Our registration form relies on cookies to store data
• Many browsers have different settings for how cookies inside an iframe are treated (see below for specific examples). Being inside an iframe makes browsers consider our cookies to be "3rd party"
• With the rise in popularity of mobile devices, there are potentially dozens of other vendor specific browsers that have different policies and standards for how iframes and 3rd party cookies function

Safari Issues

• Safari blocks 3rd party cookies by default, meaning, the user must change these settings manually for our registration form to function inside an iframe
• There are workarounds available, but they are almost always fixed by Apple, and some methods of circumvention have prompted lawsuits. (for more information)

Internet Explorer Issues

Internet explorer treats us as a 3rd party, so we must set up special functionality (a P3P Policy) for our form to function correctly. (for more information)

This fix only works for Internet Explorer and is not guaranteed to work in future versions of Internet Explorer, as a P3P policy is not a standard that any other browser adheres to.