- From: Rigo Wenning <rigo@w3.org>
- Date: Mon, 4 Jul 2011 09:18:08 +0200
- To: www-p3p-dev@w3.org, ranieri.pires@tqi.com.br, privacy <public-privacy@w3.org>
Dear Ranieri Pires, This is not possible in P3P 1.0. The P3P Working Group had identified your scenario and had specified this in the P3P 1.1 Specification. http://www.w3.org/TR/P3P11/ 2.3.2.9.1 OUR-HOST Extension The OUR-HOST element allows sites to declare hosts that are owned by the entity in the associated policy or that are acting as agents of that entity. User agents may use this extension to distinguish between such a host and actual third-party hosts. Unfortunately, browsers never supported the P3P 1.1 Specification, so it remained a Working Group Note. As a consequence, you can't declare a same origin anywhere so far. Browsers will assume that example1.org and example2.com are two different things and they will apply their security policy to it accordingly. Best, Rigo Wenning W3C Legal counsel On Wednesday 29 June 2011 17:11:01 Ranieri Pires wrote: > How to save a flash cookie Local Shared Objects (LSO) in 2 domains? > Example: My SWF is in www.domain1.com, but I need the cookie (LSO) is > recorded inwww.domain1.com and www.domain2.com. Is there a P3P policy that > allows this? > > > > > > Ranieri >
Received on Monday, 4 July 2011 07:18:42 UTC