- From: Lorrie Cranor <lorrie@research.att.com>
- Date: Mon, 3 Jun 2002 10:02:07 -0400
- To: <jeff@customerparadigm.com>, "Rigo Wenning" <rigo@w3.org>, "Smith" <dirwlf@hotmail.com>
- Cc: <www-p3p-dev@w3.org>
I'm pretty sure the problem in this case is a missing comma. Here is the P3P header: P3P: policyref="/w3c/p3p.xml" CP="NON DSP COR PSDa OUR NOR UNI" A comma is needed after the policyref, before the CP Lorrie ----- Original Message ----- From: "Jeff Finkelstein" <jeff@customerparadigm.com> To: "Rigo Wenning" <rigo@w3.org>; "Smith" <dirwlf@hotmail.com> Cc: <www-p3p-dev@w3.org> Sent: Monday, June 03, 2002 10:00 AM Subject: RE: [Moderator Action] 3rd party cookies again > > Microsoft's IE 6.0 Browser has a built-in P3P privacy policy reader. It > treats third party (different domains than the one displayed in the address > bar) as sites that are trying to build a profile -- like a third party > advertising server company. If you are using cookies from a frameset on > your third party site, your cookies (shopping carts, state management, > tracking systems, etc) will be blocked if you do not have a P3P privacy and > a compact privacy policy. > > Most likely your issue is a cache issue... When testing, make sure that you > completely clear your cache -- > Tools --> Internet Options --> Delete Files --> Check 'Delete All Offline > Content' --> Hit Okay. > > Depending on when you last cleared your cache, this may take some time. > > > Hope this helps, > > Jeff > > > Jeff Finkelstein > Customer Paradigm > mailto:jeff@customerparadigm.com > 303.473.4400 x 11 > > Read my latest article, "45% of U.S. Population Has Email. Is Your Business > Ready?" > http://www.customerparadigm.com/article.htm > > > > > -----Original Message----- > From: www-p3p-dev-request@w3.org [mailto:www-p3p-dev-request@w3.org]On > Behalf Of Rigo Wenning > Sent: Monday, June 03, 2002 7:43 AM > To: Smith > Cc: www-p3p-dev@w3.org > Subject: Re: [Moderator Action] 3rd party cookies again > > > > Do you send this header already with the set-cookie-event? That's the > time IE6 is evaluating your policy. For more info on IE6 look at > http://msdn.microsoft.com/library/en-us/dnpriv/html/ie6privacyfeature.asp > > So if your cookie is set without P3P-header, IE6 will block it. Try > that. If it doesn't work, you might want to consider different data > collection practices.. > > Best, > -- > Rigo Wenning W3C/INRIA > Policy Analyst Privacy Activity Lead > mail:rigo@w3.org 2004, Routes des Lucioles > http://www.w3.org/ F-06902 Sophia Antipolis > > > On Thu, May 30, 2002 at 06:22:22PM -0400, Smith wrote: > > OK, I have looked and looked but I have seen no good solutions. I have a > compact policy in my header: > > > > P3P: policyref="/w3c/p3p.xml" CP="NON DSP COR PSDa OUR NOR UNI" > > > > I have a site that uses my site inside a frameset so our cookies are > coming through as 3rd party. I have my brower set on medium (default) and it > will not let me navigate the site. The w3c validator gives me no errors at > all. What exactly do I have to do to get IE6 to let session cookies come > from my site through someone else's frameset? > > > > Trying. > > > >
Received on Monday, 3 June 2002 10:13:28 UTC