IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [p3p]

5 questions
21
votes
3 answers

What are the risks of using a CDN to speed up my website? How do I avoid them?

Content Delivery Networks (CDNs) are well known to speed up the performance of a website, but they create the obvious security risks if someone were to change the code that resides on the CDN. What are the security risks of a CDN? Is there content…
makerofthings7
  • 50,090
  • 54
  • 250
  • 536
12
votes
3 answers

Should anyone support / implement P3P policies? Do they matter? Are they legally binding?

Google and Facebook authentication both have fake P3P policies in the HTTP headers that link to a webpage that explains why they don't support it: CP="This is not a P3P policy! See…
makerofthings7
  • 50,090
  • 54
  • 250
  • 536
2
votes
1 answer

How does IE's Privacy options affect javascript's ability to save cookies?

I'm looking at IE's privacy options screen and am trying to figure out how it breaks javascript, workarounds to that, and how I can gracefully degrade my user experience. Is there a guide that directly describes the IE reaction to the P3P header?…
makerofthings7
  • 50,090
  • 54
  • 250
  • 536
1
vote
0 answers

Third-party P3P extension for Internet Explorer or Edge

P3P has been removed from Internet Explorer and Edge in Windows 10. Is there a third-party browser extension that, as a cookie filter, reads compact privacy policies and allows or blocks cookies based on the privacy policies? Just like Internet…
Jonathan Dahlin
  • 21
  • 1
0
votes
0 answers

Is it ok to turn off P3P in IE11 on Windows 7?

Some time ago Microsoft dropped support for P3P in IE11 and Edge on Windows 10 (https://msdn.microsoft.com/en-us/library/mt146424(v=vs.85).aspx). Unfortunately P3P remains in use, by default, in IE11 on Windows 7. We have thousands of endpoints that…
saekort
  • 353
  • 2
  • 10