I have made a widget of a perticular site and this widget offers login form to user to login to main site.
To show login form I have used popup which is actually Iframe. This login code works fine with Mozila, google crome, safari.
Session and cookies are working fine. But when I tried in IE, session and coockies does not work properly and it shows “devil eye” at the bottom, status bar of the IE.
I searched a lot to find solution for this and I came to know about P3P. following tutorial will help you all to resolve this kind of problem.
What is P3P?
P3P is the Platform for Privacy Preferences Project. It was developed by the W3C, (World Wide Web Consortium) as a protocol for providing automated privacy information to the end user, giving them more control over their own personal information at the web sites they visit.
P3P websites offer privacy information in a machine readable format and P3P enabled browsers can read this and compare it to their own privacy standards. This protocol provides a standardization of privacy statements and presents it in a format that allows surfers to act on the information they are provided with.
- The user can set up one-to-one relationships with different web sites, varying the amount of data divulged according to his/her comfort level with the web site/company.
- The user can seamlessly transfer personal information to web sites/companies without typing information repeatedly.
- The user will know how the web site is going to use the personal information being collected.
- The user can make/decide on exceptions. A user can vary which information can be disclosed depending upon the usefulness of the data or the service provided by the web site.
How do I implement P3P on my site?
First, you need a privacy statement for your site that surfers can read, or you can use the HTML privacy statement that is generated with the P3P editor we’re going to download. Download P3P Editor. This link will take you to the alphaWorks site, simply click on the download button in the upper right-hand corner and follow the instructions.
The P3P Editor
If the editor installed the first time, great. If you got an error stating that the JVM could not be found, you need to download the Java Environment Runtime file which is located here: JER Download. Follow the link and scroll down to the download button. The P3P editor and the JER file total about 11 megs so if you are on a slow connection get a cup of coffee.
After installation of both downloads you’re ready to begin making your website P3P compliant.
The P3P Editor will create four files, a policy file, written in XML, a reference file, written in XML, a compact policy* and an HTML version of the privacy statement that you can use on your site as your privacy statement if you don’t wish to reference your site’s current privacy statement, or if your site doesn’t have one.
In addition to the four files already mentioned, I recommend creating two additional HTML files, an opt_out.htm and a dispute.htm. Before opening the editor, create a w3c directory and a privacy directory on your server. If you don’t have access to create your own directories you can still make your site P3P compliant, I’ll address that at the end of this tutorial. For now let’s get on to actually creating the files you need.
The editor comes with instructions, lots of them. What you need to know is quite simple though. Open the editor and after a few seconds a screen will appear presenting four options, Create A Blank Policy, Create A Policy From a Template, Edit an Existing Policy or View The Getting Started Guide. For now, choose Create a Policy From a Template. You will be presented with 6 more options. If you understand XML completely, and wish to wander off on your own from here, please feel free. If you aren’t comfortable with XML I suggest selecting Access Logging and User Tracking. Nearly all websites do this in one form or another. Select Okay, and the screen will change to one with 5 tabs on the bottom section, the Error Tab may be highlighted. Don’t worry about those tabs yet.
Creating Your P3P Policy
You should return to the New Policy screen, and the Errors tab should no longer be highlighted. A message should appear in the bottom text window stating that No errors have been detected in this policy. Your policy files have been created, now they just need to be saved.
The Reference File
Click File, then select Create Reference File. If you have one policy, select the One Policy Radio button and click next. You then need to fill in the URL information. It’s important if you can to upload this file, which you will save as p3p.xml, to the w3c directory you created. This keeps you from having to add a link to every page, or using HTTP headers to allow for validation and compliance. Your URL should look like this: w3c/policy/#p3p.xml. The hash mark is required and the editor will display an error message if it isn’t in the path. Click okay and it will create the reference file, then click Finish, save the file as p3p.xml, type that into the box, and save it where you can find it. I saved it to desktop.
Your Policy File
Repeat the process for your policy file, saving it as policy1.xml.
Your HTML File
There’s an option to save HTML File in the same menu you saved your other files in. This CAN be your human readable privacy statement. Simply save it as privacy.htm and upload it to the directory referenced in your XML policy.
Uploading the Files
Upload your p3p.xml file to the w3c directory. Upload your policy1.xml file to the privacy directory. Upload the other files, HTML privacy statement, dispute.htm, and opt_out.htm to the directory you referenced while creating your p3p policy. Using privacy as the default directory makes this quite simple.
Now you’re ready to validate
Go to http://www.w3.org/P3P/validator/20010928/ and type in your URI. If you validate, and you should, you can send your URL to the list of P3P compliant sites for inclusion that is listed at the validation site.
If you uploaded your reference file to the w3c directory, you can ignore the NO Link and NO HTTP header errors the validator produces. If you can’t create your own directories, you need to append
to every page on your site. Congratulations. You are now P3P Compliant.
A note about the compact policy
I get more questions about the compact policy than any other issue associated with P3P. First, the FACTS.
Original Article : http://evolt.org/node/20756