- From: Rigo Wenning <rigo@w3.org>
- Date: Fri, 31 Oct 2003 14:17:52 +0100
- To: www-p3p-dev@w3.org
On Thu, Oct 30, 2003 at 12:59:41PM -0600, Ralf Scharnowski wrote: > I'm having difficulties with IE 6 randomly blocking cookies on my > website, http://bargainbookstores.com <http://bargainbookstores.com/> . > > This issue only appears to exist with Windows XP Pro and IE 6 w/ privacy > set to medium or higher. My site uses an apache server running a Miva > Merchant shopping cart. My static pages (index.htm, etc) do not > generate or use cookies. Miva Merchant does use cookies to link > specific customers to their basket contents. In those settings, IE only allows direct cookies. In higher settings, IE blocks more cookies. As you closed the store for maintenance I can't see, why things are randomly blocked. > > The cookie blocking symbol often appears when opening the index page > (www.bargainbookstores.com <http://www.bargainbookstores.com/> or > bargainbookstores.com) and indicates that it is blocking cookies for all > my page link graphic files. I have seen only one cookie for the main page. Depending on the settings in IE, this is blocked or not blocked but shouldn't be random. > > The problem links stay within my domain (example: > http://bargainbookstores.com/Merchant2/merchant.mv?Screen=SFNT > <http://bargainbookstores.com/Merchant2/merchant.mv?Screen=SFNT&Store_Co > de=bbs> &Store_Code=bbs or http://bargainbookstores.com/au.htm) > I tried, but it was closed for maintenance. So I can't help you debugging. Without P3P compact implementation, you might run into trouble as other browswers than IE implement also P3P. > > > I'm concerned about this issue because some customers are having trouble > checking out and others are seeing the "do not enter" symbol at the > bottom of IE 6. I fear that this will chase away some customers. That's the impact of P3P. Be privacy friendly to bind your customers. > > I don't have a P3P in place but have noticed that the majority of other > ecommerce sites don't either and I don't see the same problem occurring > with those sites. Already 30% of the top 100 and over 20% of top 500 sites have implemented P3P. > > Does anyone have an idea as to what is causing this? > Implement reasonable privacy practices, show them in P3P and implement on your site and you get less trouble. > > > I would like to put a P3P in place but I am unable to do so because my > host (Interland.com) refuses to add the proper line of code to the > Apache server, furthermore, Miva Merchant refuses to accept the P3P CP > data from Apache if correctly configured. Any Ideas on working around > this problem? You can use the link-tag on your pages, so you don't need to change the server configuration. Please see the Specification for more details. You just add a link-tag like <link rel="P3Pv1" href="URI"> while URI is the location of the policy reference file. There is a way to do headers with meta-tags in the pages too: <meta http-equiv="P3P" content='CP="YOUR_CP" policyref="YOUR_REF_URI"'> In this case you wouldn't need the link-tag. But compare the thread under http://lists.w3.org/Archives/Public/www-p3p-policy/2001Oct/0007.html Don't forget to test with the validator. Best, -- Rigo Wenning W3C/ERCIM Policy Analyst Privacy Activity Lead mail:rigo@w3.org 2004, Routes des Lucioles http://www.w3.org/ F-06902 Sophia Antipolis
Received on Friday, 31 October 2003 08:26:50 UTC