Iframe Applications and P3P HTTP Headers. I just finished an exhausting 2 hour cram on P3P and IE madness. Here is what I discovered and added to our iframed apps to comply with IE's privacy settings. Article - good overview … -1612.html P3P Editor - IBM tool to create the "compact privacy policy" that IE requires Just download the JAR file and run the following command. Java -jar p3p.jar Example - This is how Yahoo has it setup even though they're not dealing with FB iframe issues presumably. HTTP header included in all HTTP requests made using IE 6+ P3P: policyref=" CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HE Referenced P3P XML file which redirects to Server Configuration - Easiest way is to setup Apache to add P3P header to all HTTP calls made from an IE browser Add the following to your httpd.conf file within settings.
BrowserMatch MSIE IS_MSIE The value of the CP portion can be generated using IBM's tool (link above) Larry Williams' Weblog. Sunday December 19, 2004 This is a short tutorial on how to write web applications with mod_python.
Mod_python is an Apache module that embeds the Python interpreter within the server. 1. First you need to install Apache with mod_python I'm using Apache 2 and mod_python 3.1.3. LoadModule python_module /usr/lib/apache2/modules/mod_python.so You also need to tell mod_python where your Python application is. Alias /python /var/www/python <Directory /var/www/python> SetHandler python-program PythonHandler application # Disable these in production PythonDebug on PythonAutoReload on </Directory> A Brief Introduction to Apache's mod_python Module. Magine that you are a PHP programmer.
You use PHP, because it's simple—but powerful enough to provide you with most of the features you need to develop Web-based applications for your customers. You have heard of or perhaps even played with more powerful languages, such as Python. Most of your development involves building Web applications, so you are concerned about performance, scalability, and flexibility. The answer to this problem is mod_python, an Apache Web server module that embeds the Python interpreter within the Apache server in a manner similar to PHP. The advantages to this are many, but briefly, embedding the Python interpreter into Apache provides a persistent execution stack that eliminates the start-up penalty associated with running CGI scripts.
What exactly are we talking about, when we say a persistent execution stack that eliminates the start-up penalty associated with running CGI scripts? #! (mean time, across all concurrent requests) Time per request: 77.723 [ms] How to get Internet Explorer to use cookies inside a frame to a third party site. In the past we used to be able to have a frame (or an iframe) load a third party site and it would just work.
With Internet Explorer 6 and 7 there has been a security "enhancement" that can cause a web developer a bit of grief. This enhancement added "The Platform for Privacy Preferences" also known as P3P to Internet Explorer. The point of P3P is to make a websites privacy policy transparent. This allows users to quickly find the privacy policy of a website. The privacy policy in of a website can be seen by clicking the eye icon in the status bar of Internet Explorer. IE's Default Setting By default Internet Explorer has a privacy setting of Medium. It Just Doesn't Work Here is an example of what just won't work in Internet Explorer when using frames. Then you upload that html file to Your-Website.com and you display the page in Internet Explorer which gives you something like the following. Installing a Privacy Policy (P3P) Verify That Your Policy Is Installed curl -I. Mod_headers. Summary This module provides directives to control and modify HTTP request and response headers.
Headers can be merged, replaced or removed. Order of Processing The directives provided by mod_headers can occur almost anywhere within the server configuration, and can be limited in scope by enclosing them in configuration sections. Order of processing is important and is affected both by the order in the configuration file and by placement in configuration sections. RequestHeader append MirrorID "mirror 12"RequestHeader unset MirrorID This way round, the MirrorID header is not set. Early and Late Processing mod_headers can be applied either early or late in the request.
Early mode is designed as a test/debugging aid for developers. Because early directives are processed before the request path's configuration is traversed, early headers can only be set in a main server or virtual host context. Examples This directive can replace, merge or remove HTTP response headers. Add append echo edit edit* set.