Internet Explorer 8 on Windows 7 more restrictive (P3P settings)

Dealing with handling sessions on 3rd party content (I mean content pulled in using iFrames or Ajax from a different domain than the main page), I recently encountered an issue particularly with Internet Explorer 8 on Windows 7, but not on Windows XP or Windows Vista – our (3rd party) cookies handling sessions were suddenly being blocked. Soon after I found out that the same issue exists for Internet Explorer 6 on Windows XP. I tried to find any issues or topics online in particular what had changed in IE8 on Windows 7, but – nothing. The solution, however, I had to seek for more than a day as I found it using trial&error as it was not described anywhere, but it proved to be pretty simple.
Firstly, after finding out that IE6 had the same symptoms as IE8 on Windows 7, I must conclude that IE7 and IE8 on Windows XP and Windows Vista are for some reason more “lenient” as the root of this problem with IE6 on Windows XP and IE8 on Windows 7 was lack of appropriate privacy preference and policy specification, known as P3P, even though the same policy settings and requirements are for IE7 and IE8 on Windows XP and Windows Vista.

A similar issue and appropriate solutions is discussed at StackOverflow in a great detail, however, the solution described there didn’t work for me completely – besides creating an appropriate P3P policy file (which can be pretty easily done using this P3P file editor and validated here), I had to add the following P3P line to the Apache server configuration to add to header of every file sent out from the 3rd party server, even images and Javascript – files that are not setting or using session or cookies:

<IfModule mod_headers.c>
Header set P3P “policyref=\”/w3c/p3p.xml\”, CP=\”ALL DSP COR CURa OUR IND COM NAV CNT\”"
</IfModule>

UPDATE 26Dec2011:

Similarly, for nginx server the P3P config goes this way into domain’s .conf file’s “server {}” clause:

add_header P3P ‘policyref=”/w3c/p3p.xml”, CP=”ALL DSP COR CURa OUR IND COM NAV CNT”‘;

This solved it. Hopefully this will avoid or at least minimize headaches for someone having the same problem.

9 Comments so far

  1. roclafamilia on October 21st, 2010

    Helpful blog, bookmarked the website with hopes to read more!

  2. amc_mb on December 23rd, 2011

    Any idea how I could write the about script for the config file in Resin 3 server?

    Header set P3P “policyref=\”/w3c/p3p.xml\”, CP=\”ALL DSP COR CURa OUR IND COM NAV CNT\””

    As I cannot find any info on how to do this anywhere? Thanks for the article btw!

  3. admin on December 26th, 2011

    Hello amc_mb,

    I have not had any experience with the Resin 3 server, but as per Google,

    1. As per change log http://wap.disney.in/resin-doc/changes/changes.xtp, the P3P header seems to be supported since version 3.2.1
    2. As per this: http://caucho.com/resin-3.1/doc/cluster-tags.xtp#serverheader, it should go similarly into tag as for nginx that I wrote:

    Header P3P ‘policyref=”/w3c/p3p.xml”, CP=”ALL DSP COR CURa IND COM NAV CNT”‘;

    Though I am not sure of the syntax..

    Hope this helps.

  4. amc_mb on January 3rd, 2012

    Hiya, thanks for reply very much appreciated. I’m working with resin 3.0.23 so I’m finding it difficult to dig up any info on p3p. I’m looking at the config file for 3.0.23 and I’m presumming from the documentation that I need to add it some where like here:

    30s

    but I have no idea how the syntax should be added? Any help would be greatly appreciated!
    Thanks for all your help btw!

  5. amc_mb on January 3rd, 2012

    sorry for some reason it put 30S instead of the mark-up here it is:

    30s

  6. amc_mb on January 3rd, 2012

    here is a link to the documentation:
    http://www.caucho.com/resin-3.0/config/resin.xtp#cluster

  7. Juris on January 3rd, 2012

    amc_mb, sorry – as I mentioned, I have no experience in configuring Resin web server

  8. amc_mb on January 4th, 2012

    No worries, thanks for your help. Just stuck and there is no documentation on it. Thanks for your help. Much appreciated!

  9. Shannon on April 20th, 2013

    I truly figure this out post. I’ve been searching аround ϳust foг this!
    Тhank goodness І dіscοvеrеԁ it on Bing.

    You’ve made my day! Thanks again

Leave a Reply