[英]Set P3P code in HTML
I've researched this subject alot. 我已经研究了很多这个主题。 But one thing I don't get if it is possible to set a P3P tag in plain HTML?
但是,如果可以在纯HTML中设置P3P标签,我一无所获? Just before the first -tag.
就在第一个标签之前。
Im trying to get an iFrame-login solution to work in IE. 我试图获得一个iFrame登录解决方案以在IE中工作。
I have just found code example in PHP, ASP.NET and so on but not in plain HTLM, if that is even possible. 我刚刚在PHP,ASP.NET等中找到了代码示例,但即使有可能,也没有在普通的HTLM中找到代码示例。
I've encountered the same issue recently trying to serve static HTML from AWS S3. 我最近在尝试从AWS S3提供静态HTML时遇到了相同的问题。
Unfortunately, it is not possible to set Compact Policies without sending server-side response headers. 不幸的是,如果不发送服务器端响应头,就无法设置压缩策略。
This means that you cannot set a Compact Policy on staticly-served HTML content. 这意味着您不能在静态提供的HTML内容上设置紧凑策略。
Section 2.4.2 of the P3P deployment document explicitly mentions this (emphasis mine): P3P部署文档的2.4.2节明确提到了这一点(重点是我的):
There is only one mechanism for sites to serve compact policies;
网站只有一种机制可以执行紧凑型政策; they are sent as HTTP response headers.
它们作为HTTP响应标头发送。 Thus, if a site is unable or unwilling to add HTTP response headers, compact policies cannot be used.
因此, 如果站点无法或不愿意添加HTTP响应标头,则不能使用紧凑策略。
The HTML element META with the http-equiv attribute is sometimes used to simulate the effect of adding HTTP headers to HTML content.
带有http-equiv属性的HTML元素META有时用于模拟向HTML内容添加HTTP标头的效果。 ... the http-equiv mechanism should not be used to send a P3P compact policy header, as this information may not be available to a client until after it has processed the cookies in the response.
...不应使用http-equiv机制来发送P3P紧凑型策略标头,因为该信息直到在客户端处理完响应中的cookie后才对客户端可用。
The <meta http-equiv='p3p' content='CP="..."'/>
and <link rel="P3Pv1" href="...">
elements cannot set the Compact Policy either - it must be a response header. <meta http-equiv='p3p' content='CP="..."'/>
和<link rel="P3Pv1" href="...">
元素也无法设置精简策略-它必须是响应头。
The bottom line is this: 底线是这个:
Are you able to send the p3p
response header? 您可以发送
p3p
响应标头吗?
Yes: Add the header with the appropriate policy and you are done. 是:添加具有适当策略的标头,然后完成。
No: You are out of luck and are unable to set a Compact Policy. 否:您不走运,无法设置紧凑型政策。
The p3p
header is considered a user-defined key so it can only be added as x-amz-meta-p3p
. p3p
标头被视为用户定义的键,因此只能将其添加为x-amz-meta-p3p
。
Since x-amz-meta-p3p
!= p3p
the browser will not accept it as the correct header. 由于
x-amz-meta-p3p
!= p3p
,浏览器将不会接受它作为正确的标头。
Therefore you cannot set a Compact Policy on AWS S3 content. 因此,您无法在AWS S3内容上设置紧凑型策略。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.