Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

P3P and osCommerce and IE6


hank_not_hack

Recommended Posts

It has taken a week to get the beta version of my new web store running on osCommerce. I hope to have it live by Feb 17. My current store (HTML/CSS) is p3p compliant and works fine in IE6. There is no problem with the cookies. Call up the new store in IE6 and the cookies are leashed- restricted to the current session. Further investigation revealed that the default privacy setting in IE6 is medium. This totally blocks all third party cookies. Unless the user has set the browser privacy to low, cookies are useless. This is of particular interest as my affiliate program uses cookies to track link referrals from affiliate web sites. Not everyone uses IE6 but if one user in the click stream does then the referral data is lost. Without this data my affiliates will not be compensated for referral sales. This will break my store and my business.

 

Thus enters p3p. IE6 apparently disregards p3p specifications in that it won't accept third party cookies unless a compact privacy policy is present. IE6 does not recognize the full privacy policy. To thwart the IE6 shortcoming p3p compact policy link tags have to be on every page that IE6 may call through HTTP. As I see it, there are three ways to do this: 1. use a <meta http-equiv> tag. 2. use mod_headers on my server 3. do it in the PHP files. This is where I get confused. It will take a really long time to manually insert the code in each .php file. If I use mod_headers then every file called will contain unwanted code. Meta tags work in .xml and .html but do they work in .php? Is it possible to set up a global .php tag that inserts the policy link in the store pages only? How to do that?

 

Anyone else struggling with this? Anyone have a possible solution? Maybe I should change my handle to questionGuy? :'(

Link to comment
Share on other sites

  • 1 month later...

Hi Hank,

The most efficient way to deal with blocked cookies is to send your P3P code at the server level (It's really much easier than that might sound to any of you novice webmasters out there).

 

Rather than having to modify every page on your site, a single line of text in a single file can cover your whole site and hey-presto - no more blocked cookies!

 

If your website is on a server using Apache (99% of websites are), then a single line in your .htaccess file will fix any blocked cookie problems (Windows servers can also achieve the same result quite simply).

 

(Bit of a plug here)

I developed P3PWiz to make the whole P3P generation process as simple as possible.

P3PWiz will generate all of the code you need to be P3P compliant (and can also install your policy automatically if you wish).

 

If you need any clarification on how to install your policy to overcome the blocked cookies issue, please don't hesitate to contact me.

 

Brad

Net Dynamics

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...