Anyone knows what the code snippet means below?
Asked Answered
O

4

9
header('P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"');

I've never seen such headers,what's it for?

Orthocephalic answered 1/5, 2010 at 8:7 Comment(0)
E
5

Take a look at this site for a translation of the commands:

http://www.p3pwriter.com/LRN_111.asp

Erickericka answered 1/5, 2010 at 8:42 Comment(0)
O
9

It's a coded format expressing - in a machine-readable form - what the web site is going to do with your private data. IIRC, IE is using this already, it shows a human-readable translation of the P3P header in the status bar if the current site serves one.

See here: Platform for Privacy Preferences

The Gist:

The Platform for Privacy Preferences Project (P3P) enables Websites to express their privacy practices in a standard format that can be retrieved automatically and interpreted easily by user agents.

Osteoclast answered 1/5, 2010 at 8:8 Comment(3)
What exactly does CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA" mean?Orthocephalic
@user very good question. I can't find a simple translation table, only what complicated specs the w3c page offers and in addition this: p3ptoolbox.org/guideOsteoclast
@user I can't test it because I don't have a site handy that sends the headers but try whether the P3P validator: w3.org/P3P/validator.html offers any explanation about the codes.Osteoclast
E
5

Take a look at this site for a translation of the commands:

http://www.p3pwriter.com/LRN_111.asp

Erickericka answered 1/5, 2010 at 8:42 Comment(0)
C
2

The answers above are correct, but I think it's worth mentioning why you would want to do it from a functionality perspective. If you have a page that is being included by a frameset from a different domain, any version of IE 6 or newer will block the cookies for your page unless the p3p header is present.

The idea is that your page, if it placed in a frameset hosted by a different domain, is considered "third party" content. The fear is that you may trying to stick sneaky ad tracking or other cookies in a person's browser without their knowledge. The p3p header is a way of pinning your organization down as saying "we won't do anything sneaky with them 3rd party cookies". The user can set their browser to block your cookies if you don't set that header, and as of IE6 that is the default setting.

Cathepsin answered 11/5, 2010 at 0:28 Comment(0)
P
0

This specific chain of commands is included in sites that interact with facebook, and resolves Internet Explorer session issues.

Perdu answered 19/3, 2014 at 15:20 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.