解决Win7-IE11保护模式下跨域写cookie的问题
来源:互联网 发布:vnc server windows 编辑:程序博客网 时间:2024/05/21 10:33
问题重现:
需要用HTTP的方式跨域写cookie。
在发送HTTP response的时候增加了P3P header---header('CP=CAO PSA OUR’),P3P的简洁策略。
在Win7的IE11默认设置下,也就是在Internet选项-安全-默认勾选了启用保护模式的情况下,跨域写cookie失败。其他浏览器都可以成功写入。
解决方案:
在经常多种方式的尝试过后,发现,把P3P header改成 header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR"’); 就可以成功的写入cookie了。
————————————————————————————————————————————————————————————————————————————
下面是在网上摘录的一些关于P3P的解释。
P3P Header is present:
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Compact Policy token is present. A trailing 'o' means opt-out, a trailing 'i' means opt-in.
CURa
Information is used to complete the activity for which it was provided.
ADMa
Information may be used for the technical support of the Web site and its computer system.
DEVa
Information may be used to enhance, evaluate, or otherwise review the site, service, product, or market.
PSAo
Information may be used to create or build a record of a particular individual or computer that is tied to a pseudonymous identifier, without tying identified data (such as name, address, phone number, or email address) to the record. This profile will be used to determine the habits, interests, or other characteristics of individuals for purpose of research, analysis and reporting, but it will not be used to attempt to identify specific individuals.
PSDo
Information may be used to create or build a record of a particular individual or computer that is tied to a pseudonymous identifier, without tying identified data (such as name, address, phone number, or email address) to the record. This profile will be used to determine the habits, interests, or other characteristics of individuals to make a decision that directly affects that individual, but it will not be used to attempt to identify specific individuals.
OUR
We share information with ourselves and/or entities acting as our agents or entities for whom we are acting as an agent.
BUS
Info is retained under a service provider's stated business practices. Sites MUST have a retention policy that establishes a destruction time table. The retention policy MUST be included in or linked from the site's human-readable privacy policy.
UNI
Non-financial identifiers, excluding government-issued identifiers, issued for purposes of consistently identifying or recognizing the individual. These include identifiers issued by a Web site or service.
PUR
Information actively generated by the purchase of a product or service, including information about the method of payment.
INT
Data actively generated from or reflecting explicit interactions with a service provider through its site -- such as queries to a search engine, or logs of account activity.
DEM
Data about an individual's characteristics -- such as gender, age, and income.
STA
Mechanisms for maintaining a stateful session with a user or automatically recognizing users who have visited a particular site or accessed particular content previously -- such as HTTP cookies.
PRE
Data about an individual's likes and dislikes -- such as favorite color or musical tastes.
COM
Information about the computer system that the individual is using to access the network -- such as the IP number, domain name, browser type or operating system.
NAV
Data passively generated by browsing the Web site -- such as which pages are visited, and how long users stay on each page.
OTC
Other types of data not captured by the above definitions.
NOI
Web Site does not collected identified data.
DSP
The privacy policy contains DISPUTES elements.
COR
Errors or wrongful actions arising in connection with the privacy policy will be remedied by the service.
参考资料:
W3C的P3P标准:http://www.w3.org/TR/P3P/
P3P的简洁策略及浏览器的支持情况:http://www.cnblogs.com/_franky/archive/2011/03/16/1985954.html
《P3P Web隐私》
IE中的隐私策略:http://www.cnblogs.com/volnet/archive/2012/11/25/2787197.html
- 解决Win7-IE11保护模式下跨域写cookie的问题
- 解决IE11无法下载文件的问题
- win7 64位下vs2010 + IE11 的 问题
- Win7 下 IE WebDriver 因保护模式无法启动的解决
- 分享Win7 下 IE WebDriver 因保护模式无法启动的解决
- 解决IE11点击linkbutton没反应的问题
- 解决loadrunner12不能破解、loadrunner11不支持IE11录制的问题
- IE11浏览器js加载数据不显示问题的解决
- 关于Win7/Vista下IE保护模式下与其他进程间通信的问题
- IE8 保护模式的问题
- IE10、IE11 User-Agent 导致的 ASP.Net 网站无法写入Cookie 问题
- IE10、IE11 User-Agent 导致的 ASP.Net 网站无法写入Cookie 问题
- WIN7的IE11中安装activex控件
- WIN7卸载IE11回复IE8的方法
- IE11打开的网站,视频不见了。部分win7+win8电脑出现此问题
- 解决插件在IE增强保护模式下无法运行的问题
- 解决IE11不能打开网页问题
- 解决浏览器下载附件乱码问题 IE11
- 如何检测内存泄露
- GridCtrl使用详解
- Qt学习之路(23): 自定义事件
- POJ 3616 Milking Time(简单DP)
- 如何更好地限制一个UITextField的输入长度
- 解决Win7-IE11保护模式下跨域写cookie的问题
- 设计模式--中介者模式Mediator(行为型)
- 把C盘格式化过,后来发现运行不了JAVA,是怎么回事?
- ubuntu安装jdk 1.6
- android 启动相机拍照并发送微博。
- 怎么恢复三星全智能手机数据
- 制作一个链表的方法
- 紅粉俏佳人
- 只能在执行 Render() 的过程中调用 RegisterForEventValidation(RegisterForEventValidation can only be called durin