if you need to direct to a third server, this won't work. but maybe you can cookie-transfer the request, so the page is hosted on a third server, but the request is to a script on your page which delivers content and cookies from the third server.

another possibility seems to look at the various bug reports about the ie and to pick one bug out which makes it possible, but i don't know any specifc.

-hakre

but there is no way around this.

wrong, just set a compact privacy policy in your headers. i use (from php):

header("P3P: policyref=\"http://www.example.com/w3c/p3p.xml\",   CP=\"NOI DSP COR NID PSAa OUR IND NAV\"");

and that means that it will not reject the cookie

If you set a policy on your server and you are redirecting in a frame to a 3rd party - then the policy must be set by the 3RD PARTY, not YOU because they are setting the cookie not you.

The use for your example seems to be if you are setting a cookie on your server and somebody is loading that page on THEIR server but not vice versa.

Is this correct?