[英]iFrames + Google Analytics + Cookies + P3P
I am working on a website that generates traffic for partner sites. 我正在开发一个为合作伙伴网站带来流量的网站。 When a partner site's logo is clicked on our site we open the partner site in a page that contains our basic header and the partner site within an iframe.
当我们在网站上点击合作伙伴网站的徽标时,我们会在包含我们的基本标题和iframe中的合作伙伴网站的页面中打开合作伙伴网站。 Earlier we were simply opening the partner site in new window.
之前我们只是在新窗口中打开合作伙伴网站。 All cool so far.
到目前为止一切都很酷
Most partner sites use google analytics to track the traffic that we send them and soon after we started opening sites within iframe our partners reported that google analytics does not track data anymore (or tracks just a fraction of data). 大多数合作伙伴网站使用谷歌分析来跟踪我们发送的流量,在我们开始在iframe中开放网站后不久,我们的合作伙伴报告说谷歌分析不再跟踪数据(或只跟踪一小部分数据)。
I have done my fair share of homework/research on googleverse and found the know issue with google analytics or cookies in general across domains and iframes. 我已经在googleverse上做了相当多的家庭作业/研究,并发现谷歌分析或cookie在域和iframe中的常见问题。
I am trying to resolve this issue and the only solution that has been referenced is the use of P3P headers. 我正在尝试解决此问题,并且唯一引用的解决方案是使用P3P标头。
First, where do the P3P headers go? 首先,P3P标头在哪里? In my sites pages or the partner sites pages.
在我的网站页面或合作伙伴网站页面中。 Since we have many partner sites (big and small) it wont be practical if the solution is to put tags in each of these sites.
由于我们有许多合作伙伴站点(大小),如果解决方案是在每个站点中放置标签,那么它将不可行。 I can easily have them added to the page that contains the iframe.
我可以轻松地将它们添加到包含iframe的页面中。
Among the various p3p header generators is there a reliable one that you recommend? 在各种p3p头文件生成器中,你推荐一个可靠的吗?
Is there any way around this issue? 有没有解决这个问题的方法? I really need to open the sites in iframes and obviously the partner sites really need to track the traffic.
我真的需要在iframe中打开网站,显然合作伙伴网站确实需要跟踪流量。
Thank you for the help. 感谢您的帮助。
Unfortunately, both you and the partner site needs to set the headers. 不幸的是,您和合作伙伴网站都需要设置标头。
Alternatives: 备择方案:
localStorage
(HTML5 thingy - browsers that support localStorage
allow access to both the site and the iFrame's content that is stored in localStorage). localStorage
(HTML5 thingy - 支持localStorage
浏览器允许访问存储在localStorage中的站点和iFrame内容)。 This may not be feasible in the short term as it requires both you and your partner site to implement saving/reading information to/from localStorage
and not every browser supports it (older IE browsers especially). localStorage
实现保存/读取信息,而不是每个浏览器都支持它(特别是旧的IE浏览器)。 To add a basic policy header (ideally you should generate your own policy which is straight forward - check item#2 below) 要添加基本策略标题(理想情况下,您应该生成自己的直接策略 - 请查看下面的第2项)
in php add this line: 在php中添加以下行:
<?php header('P3P: CP="CAO PSA OUR"'); ?>
in ASP.Net : 在ASP.Net中 :
HttpContext.Current.Response.AddHeader("p3p", "CP=\"CAO PSA OUR\"");
in HTML pages: 在HTML页面中:
<meta http-equiv="P3P" content='CP="CAO PSA OUR"'>
Regarding your other concerns: 关于您的其他问题:
1) P3P headers refer to the HTTP header that delivers something called a compact policy to the browser. 1) P3P标头指的是向浏览器提供称为紧凑策略的HTTP标头。 Without such a policy in place, IE (most notably) and other browsers will block access to 3rd party cookies (a term used to refer to iFrame's cookies) to protect user's privacy concerns.
如果没有这样的政策,IE(最值得注意的)和其他浏览器将阻止访问第三方cookie(用于指代iFrame的cookie的术语)以保护用户的隐私问题。
As far as Google Analytics goes, both your site and the partner site still needs to configure cross domain tracking as outlined in their documentation. 至于谷歌分析去,你的网站和合作伙伴网站都还需要配置跨网域跟踪他们的文档中列出。
2) You can use this basic policy header (which is enough to fix iFrame's cookies): 2)您可以使用此基本策略标头(足以修复iFrame的cookie):
P3P: CP="CAO PSA OUR"
P3P:CP =“CAO PSA OUR”
or generate your own. 或生成自己的。 If you're not sure what those terms mean, see this .
如果您不确定这些术语的含义,请参阅此处 。
To generate such policy, you can use online editors such as p3pedit.com or IBM's tool which present a set of questions and allow you to present answers. 要生成此类策略,您可以使用在线编辑器,例如p3pedit.com或IBM的工具 ,它们会提供一组问题并允许您提供答案。 This makes it easy for you to quickly generate such policy.
这使您可以轻松快速生成此类策略。 You can generate the policy XML , compact policy and more.
您可以生成策略XML , 紧凑策略等。
3) You can try the two alternatives mentioned above. 3)您可以尝试上面提到的两种替代方案。
Steps to add the policy to your entire site 将策略添加到整个站点的步骤
Header append P3P "CP=\\"CAO PSA OUR\\""
Hope ths helps. 希望有所帮助。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.