We use ADFS security in our web application. After cross domain request, IE10 gets response with Set-Cookie headers and status 302(to be redirected), but response from redirect target does not contain any cookies. It could be fixed by setting: Internet
Options -> Privacy -> Advanced -> Override automatic cookie handling and Always allows session cookies, but our clients may be not allowed to change IE settings. Are there any other way to solve this?
↧