You are viewing a plain text version of this content. The canonical link for it is here.

Posted to modperl@perl.apache.org by Mark Maunder <ma...@swiftcamel.com> on 2001/10/30 03:05:18 UTC

[OT] P3P policies and IE 6 (something to be aware of)

Just thought I'd share a problem I've found with IE 6 and sites (like
mine) that insist on cookie support.

If you use cookies on your site and you send a customer an email
containing a link to your site:
If the customer's email address is based at a web based mail service
like hotmail, IE 6's default behaviour is to disable cookies when the
customer clicks on the link and your site is opened in frames. This is
because IE 6 considers your site to be a third party (the frames cause
this) and unless you have a compact P3P policy set up, which it approves
of, it disables cookies. A compact P3P policy is just an HTTP header
containing an abbreviated version of a full P3P policy, which is an XML
document. Here's how you set up a compact P3P policy under mod_perl:

#This policy will make IE6 accept your cookies as a third party, but you
should generate
# your own policy using one of the apps at the W3C site.
my $p3p_compact_policy = "CP=\"ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa
IVAa IVDa CONa TELa OUR STP UNI NAV STA PRE\"";
$r->err_header_out(P3P => $p3p_compact_policy);
$r->header_out(P3P => $p3p_compact_policy);

Check out http://www.w3.org/P3P/ for the full info on P3P.
Check out
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnpriv/html/ie6privacyfeature.asp

for M$ info on IE6 and cookies/privacy

Appologies for the OT post, but I'm just hoping I'll save someone else
the same trouble I just went through.

~mark

Re: [OT] P3P policies and IE 6 (something to be aware of)

Posted by Tatsuhiko Miyagawa <mi...@edge.co.jp>.

On Tue, 30 Oct 2001 02:05:18 +0000
Mark Maunder <ma...@swiftcamel.com> wrote:

> my $p3p_compact_policy = "CP=\"ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa
> IVAa IVDa CONa TELa OUR STP UNI NAV STA PRE\"";
> $r->err_header_out(P3P => $p3p_compact_policy);
> $r->header_out(P3P => $p3p_compact_policy);

mod_headers will do:

  Header add P3P "CP=\"PSA CONi OTR OUR DEM ONL\""

mod_headers
http://httpd.apache.org/docs/mod/mod_headers.html


--
Tatsuhiko Miyagawa <mi...@bulknews.net>