[nycphp-talk] P3P and MSIE6 cookies
Chris Snyder
chris at psydeshow.org
Tue Feb 4 23:22:56 EST 2003
Analysis & Solutions wrote:
>First, let me thank Chris Shiflett for posting the P3P information. I
>wasn't aware of this initiative. While it's not an issue for me right
>now, I know it will become one, as the browsers which implement this
>platform become more widely used and the users understand what they can
>do. So, I implemented it. Folks curious to see a valid setup can check
>out http://www.analysisandsolutions.com/w3c/
>
>
>
>
Thanks Dan and Chris!
Your links and examples, combined with the not-so-user-friendly IBM
generator mentioned here (http://www.w3.org/P3P/details.html) helped me
get these up on my server: http://chxo.com/w3c/
There are three files there: the xml privacy policy (privacy.xml)
created by the generator, the "policy reference" file (p3p.xml) that I
had to build by hand, and a file with Apache Directives that instruct
the server to use a single w3c alias server-wide and to send a P3P
header. Apache needs to be compiled with mod_headers enabled in order to
do this. The P3P: header could also be generated by PHP, of course.
http://validator.w3.org/p3p/20020128/p3p.pl?uri=http%3A%2F%2Fchxo.com%2F
Hooray, it validates. Tested this on MSIE6 with a High Privacy Setting,
and it took my cookie.
BTW in case you run into this down the line, you can View>Privacy
Report... in Internet Explorer to get some idea of what's up P3P-wise,
and there's also a Settings button in the same dialog box.
chris.
More information about the talk
mailing list