Thanks for help. I have set up p3p policy to my site.. I passed it trouth validator and IE can find privacy policy but it still doesn't allow me cookies... I can't find information what exactly to specify in privacy policy IE allows me third party cookies... Does somebody idea?
tnx. S. -----Original Message----- From: Chris Shiflett [mailto:[EMAIL PROTECTED] Sent: 24 August 2004 16:46 To: Stanislav Kuhn; [EMAIL PROTECTED] Subject: [SPAM] Re: [PHP] Sessions vs. IE security --- Stanislav Kuhn <[EMAIL PROTECTED]> wrote: > But problem is when I want to include my sctipt to a client > web site. Technically my script is included in frame of html > page on another server. I know, using frames is ..... but > clients are using them very offten and I can do nothing with > that. Problem with sending session id from IE to server > becoming in MEDIUM level of security (which is normally used) > in this case (included in frame on another server) and cookies > are blocked as well. This is a bit of a guess, but I seem to recall that IE requires a valid P3P policy to be in place before it will include third-party cookies in a request. That's exactly what a URL within a frameset would be considered if the domain is different. Hope that helps. Chris ===== Chris Shiflett - http://shiflett.org/ PHP Security - O'Reilly Coming Fall 2004 HTTP Developer's Handbook - Sams http://httphandbook.org/ PHP Community Site http://phpcommunity.org/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
