Reference: Browser Security Settings and Visualforce (salesforce.com)

Some Visualforce pages are run from *.force.com servers. If you set your browser’s trusted sites to include *.salesforce.com, you must also add *.visualforce.com to the list.

Depending on your browser and browser settings, you may see an error similar to the following on some pages:

Your browser privacy settings have prevented this page from showing some content. To display this content you need to change your browser privacy settings to allow "Third Party" cookies from the domain http://MyDomainName--PackageName.visualforce.com . Alternatively, if your browser is Internet Explorer, you can add http://MyDomainName--PackageName.visualforce.com to your trusted sites list in the security options page.

Salesforce includes a Platform for Privacy Preferences Project (P3P) header on some pages. The header is composed of the following settings:

PurposeCUR - Information is used to complete the activity for which it was provided.CategorySTA - Mechanisms for maintaining a stateful session with a user or automatically recognizing users who have visited a particular site or accessed particular content previously; for example, HTTP cookies.RecipientOTR - Legal entities following different practices. Users cannot opt-in or opt-out of this usage.

If your browser is configured to support P3P, this header allows all Visualforce pages to display. For information on P3P, see Platform for Privacy Preferences (P3P) Project.

If your browser is set to block third-party cookies, and it does not use the P3P header, and you see an error similar to the one above, perform one of the following actions: