- From: Lorrie Cranor <lorrie@research.att.com>
- Date: Tue, 19 Feb 2002 22:46:46 -0500
- To: "Kim Hahn" <KHahn@digitalimpact.com>, <www-p3p-policy@w3.org>
This question is hard to answer without knowing more about how you are setting and reading the cookie. One possible problem is that on the client page your browser is actually trying to replay two cookies -- the one you are testing and some other one that you set previously (and that previous cookie is the one getting blocked). Another possible problem is that the cookie may sometimes be replayed in a first party context and sometimes in a thirdparty context. Lorrie ------ Original Message ----- From: "Kim Hahn" <KHahn@digitalimpact.com> To: <www-p3p-policy@w3.org> Sent: Tuesday, February 19, 2002 9:35 PM Subject: Reading cookies as a 3rd party. > Hello, > > I have two applications, one that sets a persistant 1st party cookie, and > another which later reads the cookie with sensing code sitting on an > external client page. The sensing code never tries to set the cookie, just > reads it. > > The setting application has PRF, P3P and written policies hosted, and sends > the correct compact policy header. The reading application has no privacy > compliancy (we are doing a phased implementation where we we reconfigure the > setting apps first). The calling application also sits in a nested virtual > directory on our IIS5 servers. > > On the client page I am getting what seems to be inconsistant behavior - the > cookie is read and processed by the sensor code, but IE6 displays a privacy > alert and the privacy report says the cookie is blocked. How can the cookie > be blocked if it's being read? I tried moving the calling app out of the > nested virtual directory into the one above and the privacy alert > dissappeared. > > I'm at a loss. Do you have any suggestions as to what's going on? > > Kim > >
Received on Wednesday, 20 February 2002 00:40:09 UTC