PUBLISHED: Jan 4, 2011 1 min read

Running a Magento Site in an iFrame

Tom DiDomenico

Tom DiDomenico

Senior Vice President, Digital Strategy & Technology

Ok, I guess the first question is, “why would you?”

Well, as it happens, there are affiliate marketers that will launch the Magento site in their iFrame. One such example is Payment Wall (

So the problem here is that IE (pretty much all versions) won’t pass the Magento session cookie back to the server if the site’s running in an iFrame. No session cookie, no login, no how.

The fix is pretty simple – though it took me a long time to find it!

Add the following to your .htaccess file and, poof, IE sends your cookies back and everybody’s happy!

# Added the following header to enable cookies coming to the site while being hosted in an iframe
Header set P3P "policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS""