丢失P3P文件有什么含义?
[英]What are the implications of having a missing P3P file?
问题描述
I sniffed some Outbrain traffic (eg on CNN , find the file called "get" under "odb.outbrain.com/utils" in Chrome's network tab), and found this P3P header: 
我嗅到了一些Outbrain流量(例如, 在CNN上 ,在Chrome的“网络”标签中的“ odb.outbrain.com/utils”下找到了名为“ get”的文件),并找到了以下P3P标头:
P3P:policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
The link to http://www.outbrain.com/w3c/p3p.xml returns a 404. Does this have any implications? http://www.outbrain.com/w3c/p3p.xml链接返回404.这有什么影响吗? How would browsers (IE mostly, I guess) treat a P3P header that links to a missing P3P file? 浏览器(我猜大多数情况下)会如何处理链接到丢失的P3P文件的P3P标头?
1 个解决方案
解决方案1
3 已采纳 2011-11-08 06:35:25
Well, pointing to a non-existent policy file is a violation of the P3P specification , which you might consider one implication. 好吧,指向一个不存在的策略文件违反了P3P规范 ,您可能会认为这是一个含义。 However, popular clients (including early versions of Internet Explorer) don't actually load the full policy file or take action based on its existence or contents. 但是,流行的客户端(包括早期版本的Internet Explorer)实际上并未加载完整的策略文件或根据其存在或内容采取操作。
Research has shown that compact policy statements like this are common (for working around IE cookie restrictions) and very frequently don't include an actual full policy file even though one is required by the spec. 研究表明,这种紧凑的策略语句很常见(用于解决IE cookie限制),并且即使规范要求一个完整的策略文件,也经常不包含实际的完整策略文件。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.