Has anyone been able to get Oracle Forms running JInitator to loan in Internet Explorer 8 yet? I have tried removing all add-ons, various version of Java, add the domain to the trusted sites using wildcards, and using compatibility mode to no avail. I am looking to get our Oracle guys to kick there Internet Explorer 6 habit. This is related to Oracle E-Business.
SELECT owner, table_name FROM dba_tables
This is assuming that you have access to the
DBA_TABLES data dictionary view. If you do not have those privileges but need them, you can request that the DBA explicitly grants you privileges on that table, or, that the DBA grants you the
SELECT ANY DICTIONARY privilege or the
SELECT_CATALOG_ROLE role (either of which would allow you to query any data dictionary table). Of course, you may want to exclude certain schemas like
SYSTEM which have large numbers of Oracle tables that you probably don't care about.
Alternatively, if you do not have access to
DBA_TABLES, you can see all the tables that your account has access to through the
SELECT owner, table_name FROM all_tables
Although, that may be a subset of the tables available in the database (
ALL_TABLES shows you the information for all the tables that your user has been granted access to).
If you are only concerned with the tables that you own, not those that you have access to, you could use
SELECT table_name FROM user_tables
USER_TABLES only has information about the tables that you own, it does not have an
OWNER column – the owner, by definition, is you.
Oracle also has a number of legacy data dictionary views--
CAT for example-- that could be used. In general, I would not suggest using these legacy views unless you absolutely need to backport your scripts to Oracle 6. Oracle has not changed these views in a long time so they often have problems with newer types of objects. For example, the
CAT views both show information about tables that are in the user's recycle bin while the
[DBA|ALL|USER]_TABLES views all filter those out.
CAT also shows information about materialized view logs with a
TABLE_TYPE of "TABLE" which is unlikely to be what you really want.
DICT combines tables and synonyms and doesn't tell you who owns the object.
I got it to work, but the solution is a bit complex, so bear with me.
In this case, when cookies are blocked, session identifier is not sent, and the target script throws a 'session not found' error.
(I've tried setting the session identifier into the form and loading it from POST variables. This would have worked, but for political reasons I couldn't do that.)
How to solve it
Create a p3p policy
(e.g. "the site is operated by ACME Ltd., it uses anonymous per-session identifiers for its operation, collects user data only if explicitly permitted and only for the following purposes, the data is stored only as long as necessary, only our company has access to it, etc. etc.").
(When editing with this tool, it's possible to view errors/omissions in the policy. Also very useful is the tab "HTML Policy": at the bottom, it has a "Policy Evaluation" - a quick check if the policy will be blocked by IE's default settings)
The Editor exports to a .p3p file, which is an XML representation of the above policy. Also, it can export a "compact version" of this policy.
Link to the policy
Then a Policy Reference file (
http://example.com/w3c/p3p.xml) was needed (an index of privacy policies the site uses):
<META> <POLICY-REFERENCES> <POLICY-REF about="/w3c/example-com.p3p#policy1"> <INCLUDE>/</INCLUDE> <COOKIE-INCLUDE/> </POLICY-REF> </POLICY-REFERENCES> </META>
<INCLUDE> shows all URIs that will use this policy (in my case, the whole site). The policy file I've exported from the Editor was uploaded to
Send the compact header with responses
I've set the webserver at example.com to send the compact header with responses, like this:
HTTP/1.1 200 OK P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR IVAi IVDi OUR TST" // ... other headers and content
policyref is a relative URI to the Policy Reference file (which in turn references the privacy policies),
In this configuration, the Evil Eye does not appear, the cookies are saved even in the IFRAME, and the application works.
Edit: What NOT to do, unless you like defending from lawsuits
Several people have suggested "just slap some tags into your P3P header, until the Evil Eye gives up".
The tags are not only a bunch of bits, they have real world meanings, and their use gives you real world responsibilities!
For example, pretending that you never collect user data might make the browser happy, but if you actually collect user data, the P3P is conflicting with reality. Plain and simple, you are purposefully lying to your users, and that might be criminal behavior in some countries. As in, "go to jail, do not collect $200".
A few examples (see p3pwriter for the full set of tags):
- NOI : "Web Site does not collected identified data." (as soon as there's any customization, a login, or any data collection (***** Analytics, anyone?), you must acknowledge it in your P3P)
STPbut don't have a retention policy, you may be committing fraud. How cool is that? Not at all.)
I'm not a lawyer, but I'm not willing to go to court to see if the P3P header is really legally binding or if you can promise your users anything without actually willing to honor your promises.
- Sql – How to limit the number of rows returned by an Oracle query after ordering
- Running Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on the same machine
- Java – How to create an executable JAR with dependencies using Maven
- .net – Programmatically add trusted sites to Internet Explorer
- Java – How to avoid Java code in JSP files, using JSP 2
- Java – Why does this code using random strings print “hello world”
- Html – Internet Explorer 11 disable “display intranet sites in compatibility view” via meta tag not working