R – P3P issue with IE and iframe

cookiesiframeinternet-explorerp3p

My question is related to the problem outlined in this question.

I have set up my p3p fine as far as I know (the p3p validator doesn't return any errors), but I still get blocked cookies.
The src of my iframe is an external website, is there anything special I have to do if the cookies I want to accept are coming from an external site?

Here is my p3p.xml:

<?xml version="1.0" encoding="UTF-8" ?>
<META xmlns="http://www.w3.org/2002/01/P3Pv1">
<!-- Policy Generated by P3PWiz http://www.p3pwiz.com -->
<POLICY-REFERENCES>
  <EXPIRY date="Tue, 16 Feb 2010 08:50:40 -0600"/>
  <POLICY-REF about="/w3c/Policies.xml#Privacy">
    <INCLUDE>/*</INCLUDE>
  </POLICY-REF>
  <POLICY-REF about="/w3c/Policies.xml#WSC">
    <INCLUDE>*/*</INCLUDE>
    <COOKIE-INCLUDE name="*" value="*" domain="*" path="*" />
  </POLICY-REF>
</POLICY-REFERENCES>
</META>

Best Solution

Well, I'm not sure that you're setting the header right as it is described in the article:

Send the compact header with responses

I've set the webserver at example.com to send the compact header with responses, like this:

HTTP/1.1 200 OK P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR IVAi IVDi OUR TST" // ... other headers and content

policyref is a relative URI to the Policy Reference file (which in turn references the privacy policies), CP is the compact policy representation

As you can see, somebody else had the same problem:

I was 95% complete, but my header only said: P3P: CP="...." and didn't include the policyref link, which made it work in IE7, but not IE6... works good now. Thanks! – AndreasKnudsen May 12 at 10:17

I'm also wondering if there is any relation between where the policy file is hosted and where the actual site is hosted.

Related Solutions

Html – Remove border from IFrame

Add the frameBorder attribute (note the capital ‘B’).

So it would look like:

<iframe src="myURL" width="300" height="300" frameBorder="0">Browser not compatible.</iframe>

Html – How to apply CSS to iframe

Edit: This does not work cross domain unless the appropriate CORS header is set.

There are two different things here: the style of the iframe block and the style of the page embedded in the iframe. You can set the style of the iframe block the usual way:

<iframe name="iframe1" id="iframe1" src="empty.htm" 
        frameborder="0" border="0" cellspacing="0"
        style="border-style: none;width: 100%; height: 120px;"></iframe>

The style of the page embedded in the iframe must be either set by including it in the child page:

<link type="text/css" rel="Stylesheet" href="Style/simple.css" />

Or it can be loaded from the parent page with Javascript:

var cssLink = document.createElement("link");
cssLink.href = "style.css"; 
cssLink.rel = "stylesheet"; 
cssLink.type = "text/css"; 
frames['iframe1'].document.head.appendChild(cssLink);

Best Solution

Related Solutions

Html – Remove border from IFrame

Html – How to apply CSS to iframe

Related Question