I have a flow where I click a button, which triggers a new window to open where the original url is the same as the origin domain. This flow works fine normally (site not embedded in an iframe). I see the requests as expected, the cookies persist when the site loads in the new window, everything is great.
But when I embed my site in an iframe while on a 3rd party site, when the new window is launched, the requests doesn't carry over any cookies. This experience only happens on IE (Tested Safari, Edge, Chrome, Firefox). I'm essentially just looking for an explanation to why this occurs. Is IE dropping cookies because I'm launching a new window from an iframe that has a src that doesn't match the 3rd party domain? Does IE drop cookies because it's an iframe launching a new window? I'm not able to find an answer to why IE is dropping cookies.
To be more specific. My code is calling window.open(url); That url is the same domain that iframe src is pointing to. In all browsers except IE11, in the new window that opens, I see the cookies that were written to the browser prior to the new window being open, IE11 those cookies are no where to be found.
So I dove into the 3P IE iframe issue to see that it's actually the problem. What I saw was that when I checked the webpage privacy report, the 3rd party site that I am embedding is listed as cookies are accepted. When I click the button to open a new window, and I check the webpage privacy report of that new window, I don't see the cookies are accepted (because none are sent), but they're not listed as blocked either.
So I'm not entirely convinced this is a 3P cookie issue yet. Primarily because I am able to write cookies from the iframe, the issue only occurs when a new window is opened and the cookies no longer exist in the new window.