`
cscn2004
  • 浏览: 1570 次
  • 性别: Icon_minigender_1
  • 来自: 重庆
文章分类
社区版块
存档分类
最新评论

Iframe跨域访问的问题,session 丢失的问题

阅读更多

在iframe 保航的页面服务器(resin)写一个filter 设置一下返回的((HttpServletResponse)response).setHeader("P3P","CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"");

Tag

Description

NOI

Web Site does not collected identified data.

ALL

All Identified Data: Access is given to all identified data.

CAO

Identified Contact Information and Other Identified Data: access is given to identified online and physical contact information as well as to certain other identified data.

IDC

Identifiable Contact Information: access is given to identified online and physical contact information (e.g., users can access things such as a postal address)

OTI

Other Identified Data: access is given to certain other identified data (e.g., users can access things such as their online account charges).

NON

None: no access to identified data is given.

 

 

Tag

Description

DSP

The privacy policy contains DISPUTES elements.

 

Tag

Description

COR

Errors or wrongful actions arising in connection with the privacy policy will be remedied by the service.

MON

If the service provider violates its privacy policy it will pay the individual an amount specified in the human readable privacy policy or the amount of damages.

LAW

Remedies for breaches of the policy statement will be determined based on the law referenced in the human readable description.

 

 

Tag

Description

CUR

Information is used to complete the activity for which it was provided.

ADM

Information may be used for the technical support of the Web site and its computer system. Users cannot opt-in or opt-out of this usage (same as tag ADMa).

ADMa

Information may be used for the technical support of the Web site and its computer system. Users cannot opt-in or opt-out of this usage.

ADMi

Information may be used for the technical support of the Web site and its computer system. Opt-in means prior consent must be provided by users.

ADMo

Information may be used for the technical support of the Web site and its computer system. Users may opt-out of the data being used for this purpose.

DEV

Information may be used to enhance, evaluate, or otherwise review the site, service, product, or market. Users cannot opt-in or opt-out of this usage (same as tag DEVa).

DEVa

Information may be used to enhance, evaluate, or otherwise review the site, service, product, or market. Users cannot opt-in or opt-out of this usage.

DEVi

Information may be used to enhance, evaluate, or otherwise review the site, service, product, or market. Opt-in means prior consent must be provided by users.

DEVo

Information may be used to enhance, evaluate, or otherwise review the site, service, product, or market. Users may opt-out of the data being used for this purpose.

TAI

Information may be used to tailor or modify content or design of the site where the information is used only for a single visit to the site and not used for any kind of future customization. Users cannot opt-in or opt-out of this usage (same as tag TAIa).

TAIa

Information may be used to tailor or modify content or design of the site where the information is used only for a single visit to the site and not used for any kind of future customization. Users cannot opt-in or opt-out of this usage.

TAIi

Information may be used to tailor or modify content or design of the site where the information is used only for a single visit to the site and not used for any kind of future customization. Opt-in means prior consent must be provided by users.

TAIo

Information may be used to tailor or modify content or design of the site where the information is used only for a single visit to the site and not used for any kind of future customization. Users may opt-out of the data being used for this purpose.

PSA

Information may be used to create or build a record of a particular individual or computer that is tied to a pseudonymous identifier, without tying identified data (such as name, address, phone number, or email address) to the record. This profile will be used to determine the habits, interests, or other characteristics of individuals for purpose of research, analysis and reporting, but it will not be used to attempt to identify specific individuals. Users cannot opt-in or opt-out of this usage (same as tag PSAa).

PSAa

Information may be used to create or build a record of a particular individual or computer that is tied to a pseudonymous identifier, without tying identified data (such as name, address, phone number, or email address) to the record. This profile will be used to determine the habits, interests, or other characteristics of individuals for purpose of research, analysis and reporting, but it will not be used to attempt to identify specific individuals. Users cannot opt-in or opt-out of this usage.

PSAi

Information may be used to create or build a record of a particular individual or computer that is tied to a pseudonymous identifier, without tying identified data (such as name, address, phone number, or email address) to the record. This profile will be used to determine the habits, interests, or other characteristics of individuals for purpose of research, analysis and reporting, but it will not be used to attempt to identify specific individuals. Opt-in means prior consent must be provided by users.

PSAo

Information may be used to create or build a record of a particular individual or computer that is tied to a pseudonymous identifier, without tying identified data (such as name, address, phone number, or email address) to the record. This profile will be used to determine the habits, interests, or other characteristics of individuals for purpose of research, analysis and reporting, but it will not be used to attempt to identify specific individuals. Users may opt-out of the data being used for this purpose.

PSD

Information may be used to create or build a record of a particular individual or computer that is tied to a pseudonymous identifier, without tying identified data (such as name, address, phone number, or email address) to the record. This profile will be used to determine the habits, interests, or other characteristics of individuals to make a decision that directly affects that individual, but it will not be used to attempt to identify specific individuals. Users cannot opt-in or opt-out of this usage (same as tag PSDa).

PSDa

Information may be used to create or build a record of a particular individual or computer that is tied to a pseudonymous identifier, without tying identified data (such as name, address, phone number, or email address) to the record. This profile will be used to determine the habits, interests, or other characteristics of individuals to make a decision that directly affects that individual, but it will not be used to attempt to identify specific individuals. Users cannot opt-in or opt-out of this usage.

PSDi

Information may be used to create or build a record of a particular individual or computer that is tied to a pseudonymous identifier, without tying identified data (such as name, address, phone number, or email address) to the record. This profile will be used to determine the habits, interests, or other characteristics of individuals to make a decision that directly affects that individual, but it will not be used to attempt to identify specific individuals. Opt-in means prior consent must be provided by users.

PSDo

Information may be used to create or build a record of a particular individual or computer that is tied to a pseudonymous identifier, without tying identified data (such as name, address, phone number, or email address) to the record. This profile will be used to determine the habits, interests, or other characteristics of individuals to make a decision that directly affects that individual, but it will not be used to attempt to identify specific individuals. Users may opt-out of the data being used for this purpose.

IVA

Information may be used to determine the habits, interests, or other characteristics of individuals and combine it with identified data for the purpose of research, analysis and reporting. Users cannot opt-in or opt-out of this usage (same as tag IVAa).

IVAa

Information may be used to determine the habits, interests, or other characteristics of individuals and combine it with identified data for the purpose of research, analysis and reporting. Users cannot opt-in or opt-out of this usage.

IVAi

Information may be used to determine the habits, interests, or other characteristics of individuals and combine it with identified data for the purpose of research, analysis and reporting. Opt-in means prior consent must be provided by users.

IVAo

Information may be used to determine the habits, interests, or other characteristics of individuals and combine it with identified data for the purpose of research, analysis and reporting. Users may opt-out of the data being used for this purpose.

IVD

Information may be used to determine the habits, interests, or other characteristics of individuals and combine it with identified data to make a decision that directly affects that individual. Users cannot opt-in or opt-out of this usage (same as tag IVDa).

IVDa

Information may be used to determine the habits, interests, or other characteristics of individuals and combine it with identified data to make a decision that directly affects that individual. Users cannot opt-in or opt-out of this usage.

IVDi

Information may be used to determine the habits, interests, or other characteristics of individuals and combine it with identified data to make a decision that directly affects that individual. Opt-in means prior consent must be provided by users.

IVDo

Information may be used to determine the habits, interests, or other characteristics of individuals and combine it with identified data to make a decision that directly affects that individual. Users may opt-out of the data being used for this purpose.

CON

Information may be used to contact the individual, through a communications channel other than voice telephone, for the promotion of a product or service. This includes notifying visitors about updates to the Web site. Users cannot opt-in or opt-out of this usage (same as tag CONa).

CONa

Information may be used to contact the individual, through a communications channel other than voice telephone, for the promotion of a product or service. This includes notifying visitors about updates to the Web site. Users cannot opt-in or opt-out of this usage.

CONi

Information may be used to contact the individual, through a communications channel other than voice telephone, for the promotion of a product or service. This includes notifying visitors about updates to the Web site. Opt-in means prior consent must be provided by users.

CONo

Information may be used to contact the individual, through a communications channel other than voice telephone, for the promotion of a product or service. This includes notifying visitors about updates to the Web site. Users may opt-out of the data being used for this purpose.

HIS

Information may be archived or stored for the purpose of preserving social history as governed by an existing law or policy. Users cannot opt-in or opt-out of this usage (same as tag HISa).

HISa

Information may be archived or stored for the purpose of preserving social history as governed by an existing law or policy. Users cannot opt-in or opt-out of this usage.

HISi

Information may be archived or stored for the purpose of preserving social history as governed by an existing law or policy. Opt-in means prior consent must be provided by users.

HISo

Information may be archived or stored for the purpose of preserving social history as governed by an existing law or policy. Users may opt-out of the data being used for this purpose.

TEL

Information may be used to contact the individual via a voice telephone call for promotion of a product or service. Users cannot opt-in or opt-out of this usage (same as tag TELa).

TELa

Information may be used to contact the individual via a voice telephone call for promotion of a product or service. Users cannot opt-in or opt-out of this usage.

TELi

Information may be used to contact the individual via a voice telephone call for promotion of a product or service. Opt-in means prior consent must be provided by users.

TELo

Information may be used to contact the individual via a voice telephone call for promotion of a product or service. Users may opt-out of the data being used for this purpose.

OTP

Information may be used in other ways not captured by the above definitions. Users cannot opt-in or opt-out of this usage (same as tag OTPa).

OTPa

Information may be used in other ways not captured by the above definitions. Users cannot opt-in or opt-out of this usage.

OTPi

Information may be used in other ways not captured by the above definitions. Opt-in means prior consent must be provided by users.

OTPo

Information may be used in other ways not captured by the above definitions. Users may opt-out of the data being used for this purpose.

 <http://www.p3pwriter.com/LRN_111.asp>

分享到:
评论

相关推荐

    iframe跨域访问时session丢失

    NULL 博文链接:https://thoreau.iteye.com/blog/745100

    iframe跨域与session失效问题的解决办法

    通过这种方式,可以解决在IE浏览器中由于P3P隐私设置导致的iframe跨域cookie丢失问题,进而解决session失效导致的用户频繁重新登录的问题。这个方法在技术上是可行的,但需要网站管理员操作,确保P3P声明符合实际的...

    【ASP.NET编程知识】iframe跨域与session失效问题的解决办法.docx

    在 ASP.NET 开发中,跨域和 Session 失效问题是一个常见的问题,特别是在使用 iframe 嵌入远程应用时。今天,我们来讨论这个问题的解决办法。 什么是跨域和 Session 失效? -------------------------------- 跨域...

    关于Iframe如何跨域访问Cookie和Session的解决方法

    本文主要探讨如何解决Iframe跨域访问Cookie和Session的问题。 首先,理解跨域访问的基本概念。在Web浏览器的安全策略中,同源策略(Same-origin policy)禁止了一个源(协议+域名+端口)的文档或脚本直接获取另一个...

    PHP关于IE下的iframe跨域导致session丢失问题解决方法

    总的来说,针对IE浏览器中iframe跨域导致Session丢失的问题,关键在于理解浏览器对跨域Cookie的处理方式,特别是IE的独特限制。通过设置P3P头,可以通知浏览器允许iframe内的页面使用和共享Session,从而修复登录和...

    iframe跨域嵌套自适应高度

    ### iframe跨域嵌套自适应高度 在网页开发过程中,`iframe`作为一种常见的网页元素,被广泛用于在当前页面中嵌入另一个独立的文档或页面。然而,在实际应用中经常会遇到一些问题,如跨域限制、自适应高度调整以及...

    iframe嵌入链接本地环境正常,正式环境重定向到登录解决

    - **Session丢失**:正式环境中,由于跨域请求或其他原因,服务器无法正确识别用户的Session信息,从而自动跳转至登录页面。 #### 解决方案 为了解决这个问题,可以通过以下步骤进行: 1. **协议一致性处理**:确保...

    ajax跨域访问遇到的问题及解决方案

    **Ajax跨域访问** 是一个常见的前端开发中遇到的问题,主要涉及到浏览器的同源策略限制。同源策略是指,浏览器的JavaScript代码只能访问与当前页面同协议、同域名、同端口的资源,以防止恶意脚本从一个站点窃取另一...

    jsessionid存在的问题及其解决方案

    在Web开发中,`jsessionid`是一个常见的概念,它关联到Java服务器会话(Session)的管理。本文将深入探讨`jsessionid`存在的问题以及相应的解决方案,并结合提供的`DisableUrlSessionFilter.java`和`web.xml`文件来...

    页面间传值

    Local Storage持久化存储数据,关闭浏览器也不会丢失,而Session Storage仅在当前会话有效。它们提供键值对存储,容量比Cookie大,但同样不能用于跨域,且数据安全性较低。 5. HTML5 History API: History API...

    2022年前端工程师最新面试题

    - 400表示客户端错误,401未经授权,403禁止访问,理解这些状态码有助于处理客户端和服务器间的通信问题。 12. **fetch发送两次请求**: - 在某些情况下,fetch会先发送预检请求(OPTIONS),以确认跨域请求是否...

    前端、vue、react、js面试题

    - IFrame用于在页面内嵌入其他页面,但可能导致性能问题和安全风险,如XSS攻击。 17. **DOCTYPE**: - DOCTYPE声明指定文档类型和遵循的HTML或XHTML规范,影响文档的解析模式,严格模式遵循标准,混杂模式兼容旧...

Global site tag (gtag.js) - Google Analytics