Problem with Session in iFrame after recent windows update RRS feed

  • Question

  • Hello All,

    One of our client wants to use our web forms application inside the iframe of their website to Login and order the goods.

    So I have added P3P headers to support third party content. CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" . This is about 2 years ago.

    It was working until yesterday and stopped working after recent .net framework update. User logs in and the session is lost when redirected to another page. Below are the details of the update

    2019-11 Preview of Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Server 2012 R2 for x64 (KB4524743)

    More information:

    Any help is much appreciated.
    Wednesday, November 27, 2019 6:28 AM

All replies

  • ASP.NET issues can be discussed at the ASP.NET forums.

    Wednesday, November 27, 2019 7:39 AM
  • Hi Albert,

    We've seen this same problem affect one of our clients. Very similar to your description: ASP.NET WebForms, VB.NET and using iFrames to handle a SagePay payment with 3D secure.

    We found that since installing this Windows Update, we've had SOME callbacks from SagePay (within the iFrame) creating new sessions, despite the cookie being provided with the correct session ID.

    We've had to issue a hurried fix that inspects the session, and reacts accordingly if a new session has been created. But it's caused us and our client significant issues.

    We're still investigating, but whether users are affected is definitely dependent on their browser version.

    Wednesday, November 27, 2019 2:11 PM