JSONP, Java Servlets, and Internet Explorer

Published 2019-08-09 02:47

Question:

I am using JSONP to answer AJAX calls on a different server than the site is on. It works pretty well, except that on IE, I can't maintain a session.

The site answering the request uses Java Servlets. It works in Firefox, but in IE I have problems because it doesn't accept the cookies. (I can make it work by changing the security settings.)

From there I tried putting the sessionid in the url of the request:

listAction: server+'/site/gateway.jsp?current=page&next=something&jsessionid='+session+'&callback=?'

(I write callback=? because I am using jQuery and that is how you can do Jsonp.)

It still doesn't work. Did I write the session wrong? Is it still looking at my cookies? Can I possibly configure my servlet to load the session that I want it to load?

Answer 1:

This is actually the same problem that you get with iFrames. You need to set a P3P header.

response.setHeader("P3P", "CP=\"NOI ADM DEV COM NAV OUR STP\"");

Why does IE block you from using cookies with JSONP, but allow you if you just add some header? Who knows. The header represents a privacy policy. And I guess they don't think malicious hackers will be dishonest about their privacy policy.

If you sell information about your users or have other reasons to worry about a lawsuit from your users, you should make sure your P3P header accurately reflects your privacy policy, so you'll have to do a bit more research.

This is the same question but about the iFrames: Cookie blocked/not saved in IFRAME in Internet Explorer
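
One way to apply the header from the answer to every response of the servlet application is a servlet filter. This is an added example, not code from the original post; the class name `P3PHeaderFilter` and the `compactPolicy` init-param are hypothetical, and the default value is the compact policy quoted in the answer.

```java
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;

/** Added example: sends a P3P compact policy with every HTTP response. */
public class P3PHeaderFilter implements Filter {

    // Compact policy quoted in the answer; replace with tokens matching your real policy.
    private static final String DEFAULT_POLICY = "NOI ADM DEV COM NAV OUR STP";

    private String headerValue;

    @Override
    public void init(FilterConfig config) throws ServletException {
        // "compactPolicy" is a hypothetical init-param name chosen for this example.
        String policy = config.getInitParameter("compactPolicy");
        if (policy == null || policy.trim().isEmpty()) {
            policy = DEFAULT_POLICY;
        }
        // Accept only letters and spaces so a misconfigured value cannot break the header.
        if (!policy.matches("[A-Za-z ]+")) {
            throw new ServletException("compactPolicy must contain only letters and spaces");
        }
        headerValue = "CP=\"" + policy.trim() + "\"";
    }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        if (res instanceof HttpServletResponse) {
            // Set before the chain runs: headers added after the response is
            // committed are ignored, and the policy must accompany the session cookie.
            ((HttpServletResponse) res).setHeader("P3P", headerValue);
        }
        chain.doFilter(req, res);
    }

    @Override
    public void destroy() {
        // Nothing to release.
    }
}
```

Map the filter in `web.xml` to the URL pattern that serves the JSONP responses, so the header is present on the response that creates the session.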