While developing something for facebook I noticed that the PHP session of my code was vanishing - but only in InternetExplorer. After searching, it seemed the issue was to do with iFrames (as facebook opens the code in an iFrame). If the domain of the website inside the iFrame doesn't match the domain of the browser (esentially the site hosting the iFrame), then all cookies from that website are declined as they are seen as third party and potentially dangerous.
At present it appears that IE is the only browser to act in this manner, implementing Platform for Privacy Preferences (P3P) Project. However, there are two ways to resolve the issue. The first is to reduce the security settings of the browser, which is not very practical for the developer; and the second is to implement a P3P header with specific tokens set to allow the cookies. For PHP, this would be:
header('P3P: CP="CAO PSA OUR"');
At work I noticed some HTML links weren't working in InternetExplorer; the HTML is still recognised as a link but clicking it does nothing. Here is some sample code to demonstrate the issue:
<a href="http://www.google.com"> <table> <tr> <td>Hello</td> </tr> </table> </a>
Other browsers seem to render this with working link just fine.
Apparently this is not correct HTML, but the standard only specifies how valid code should work, not how invalid code should work and it is therefore up to the implementation to define what to do in that instance. It's a shame that every other browser does something logically expected, but IE plays the odd-one-out.