W3C home > Mailing lists > Public > www-p3p-policy@w3.org > October 2001

Re: Using <meta http-equiv> [was: [www-p3p-policy] <none>]

From: Lorrie Cranor <lorrie@research.att.com>
Date: Wed, 10 Oct 2001 10:42:06 -0400
Message-ID: <005701c15199$bc795940$3e06cf87@research.att.com>
To: Andreas Färber <andreas@faerber.as>, <www-p3p-policy@w3.org>
Certainly if you are using a server that recognizes this and creates
a normal HTTP header, then that is fine. But you should make sure
your server does that before you use this approach. I don't
think all servers will do this.

Lorrie

----- Original Message -----
From: "Andreas Färber" <andreas.faerber@web.de>
To: <www-p3p-policy@w3.org>
Sent: Wednesday, October 10, 2001 10:21 AM
Subject: Using <meta http-equiv> [was: [www-p3p-policy] <none>]


> > > <meta http-equiv="P3P" content='CP="YOUR_CP"
policyref="YOUR_REF_URI"'>
>
> > This is not recommended. Not all user agents support http-equiv, and
> > those that do support it may not see the CP until after they evaluate
> > the cookie if you do this. The whole point of the CP is to allow
> > user agents to get a snap shot of the policy early so they can make
> > quick decisions about cookies.
> >
> > Lorrie
>
> Wasn't the idea behind using the meta http-equiv that the *server* (not
the
> user agent) might recognize it and might send it as a "normal" HTTP
Header?
> At least some Apaches I've worked with did so. Therefore it would be a
> workaround for those Apache users not able to use mod_headers.
>
> Andreas
>
>
Received on Wednesday, 10 October 2001 10:41:55 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 17 January 2012 12:13:10 GMT