P3P headers, privacy policies and all that jazz (was Re: Re: CGI versus CGI::* modules)

I know this thread is dead, but just a note for posterity.

I can confirm that normal, non-third-party cookies can definitely get dumped by IE6. That's dumped as in, yes, "silently discarded" - well, it lights up an icon in the browser, but the server has no indication at all.

And IE6 has REALLY grown in market share, in the recent past.

If you implement a privacy policy for your site (ie put the relevant stuff in the directory /w3c) this can solve the problem for the *default* security settings on IE6 (depending on what type of information you're collecting).

But for more restrictive security settings, you need to send a P3P header - which is the search that brought me to this thread. :)

All the best, Andy.

Comment on P3P headers, privacy policies and all that jazz (was Re: Re: CGI versus CGI::* modules)

Replies are listed 'Best First'.
Re: P3P headers, privacy policies and all that jazz (was Re: Re: CGI versus CGI::* modules) by jonadab (Parson) on Sep 11, 2003 at 15:51 UTC
Interesting. I may have to augment my authbox with a "Having trouble?" link, with information about how to enable cookies. I thought we were past that with the demise of Netscape 4. sigh. So I guess that means I need to find a system with IE6, so I can figure out its preferences enough to write the instructions... `$;=sub{$/};@;=map{my($a,$b)=($_,$;);$;=sub{$a.$b->()}} split//,".rekcah lreP rehtona tsuJ";$\=$ ;->();print$/` [download]	[reply] [d/l]
Re: Re: P3P headers, privacy policies and all that jazz (was Re: Re: CGI versus CGI::* modules) by andye (Curate) on Oct 03, 2003 at 17:05 UTC
You might find some of these useful: http://www.google.co.uk/search?q=%22internet+explorer+6%22+%22security+settings%22+medium Scroll past the MS results, and there's a load of people making the same explanation. Andy.	[reply]