Qlik Sense sheets have been successfully embedded in a webpage. The mashup displays as expected in Google Chrome or Mozilla Firefox, but it does not show in Internet Explorer.
A fiddler trace shows that authentication is successful, and a session cookie gets sent correctly from the Qlik Sense server. The browser does not send the session cookie on the next request. This results in the authentication being done again, and authentication "loop" over and over.
This is general issue when integrating any solution at all which requires session cookies from a different domain, into an iframe. This is because security settings in some browsers prevent cookies from a different domain.
It is possible to work around this using p3p headers as explained here http://stackoverflow.com/questions/389456/cookie-blocked-not-saved-in-iframe-in-internet-explorer
To add a p3p header, add the following line to the "additional response headers" of the Virtual proxy:
P3P: CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"