Menu
▾
▴
[phpesp-dev] [ phpesp-Bugs-1949207 ] Authenticated respondent kicked out of dashboard
|
From: SourceForge.net <no...@so...> - 2008-04-22 22:22:54
|
Bugs item #1949207, was opened at 2008-04-22 18:23 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=108956&aid=1949207&group_id=8956 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: User Group: cvs Status: Open Resolution: None Priority: 1 Private: No Submitted By: bishop (bishopb) Assigned to: Nobody/Anonymous (nobody) Summary: Authenticated respondent kicked out of dashboard Initial Comment: After successful log in, an authenticated respondent is kicked out of the dashboard when accessing a phpESP instance from within a framed site that opens the phpESP in a frame using IE6. This occurs because phpESP doesn't send a P3P compact security policy and the cookie is third-party, which IE6 refuses in the default configuration ("Medium"): “Internet Explorer prevents Web sites from storing third-party cookies that do not have a compact privacy policy or that use personally identifiable information without your explicit consent. The browser also prevents Web sites from storing first-party cookies that use personally identifiable information without your implicit consent.” The solution is send a proper P3P header that will quiesce IE6, as described here: http://www.oreillynet.com/mac/blog/2002/06/p3p_in_ie6_frustrating_failure.html ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=108956&aid=1949207&group_id=8956 |
