Export (0) Print
Expand All

2.2.10 [W3C-P3P1.0] Section 4.1, Referencing compact policies

C0009:

The specification states:

compact-policy-field = `CP="` compact-policy `"` 

compact-policy = compact-token *(" " compact-token) 

compact-token = compact-access           |
compact-disputes         |
compact-remedies         |
compact-non-identifiable |
compact-purpose          |
compact-recipient        |
compact-retention        |
compact-categories       |
compact-test

All Document Modes (All Versions)

Users can define and import a custom privacy preference file that controls how both first-party and third-party cookies should be treated. For more information, see http://msdn.microsoft.com/en-us/library/ms537344(VS.85).aspx.

Users can specify any of the following operations for a cookie from a site (either first-party cookies or third-party cookies; with or without a compact P3P policy):

  • Accept cookies.

  • Reject cookies.

  • Prompt: Prompts the user for consent.

  • forceFirstParty: Leash cookies so that they are sent only in a first-party context.

  • forceSession: Convert persistent cookies to session cookies.

The custom privacy file also allows users to define separate behaviors for first-party cookies and third-party cookies.

The custom privacy file supports rules (with actions) for each token on the compact P3P header. The action can be one of the operations in the previous list.

Example

<firstParty noPolicyDefault="accept" noRuleDefault="forceSession" alwaysAllowSession="no">

<if expr="DSP" action="prompt"></if>

</firstParty>

Therefore, the following compact policy tokens are supported:

Purposes:

  • CURa, CURi, CURo

  • ADMa, ADMi, ADMo

  • DEVa, DEVi, DEVo

  • CUSa, CUSi, CUSo

  • TAIa, TAIi, TAIo

  • PSAa, PSAi, PSAo

  • PSDa, PSDi, PSDo

  • IVAa, IVAi, IVAo

  • IVDa, IVDi, IVDo

  • CONa, CONi, CONo

  • HISa, HISi, HISo

  • TELa, TELi, TELo

  • OTPa, OTPi, OTPo

Recipients:

  • OURa, OURi, OURo

  • DELa, DELi, DELo

  • SAMa, SAMi, SAMo

  • OTRa, OTRi, OTRo

  • UNRa, UNRi, UNRo

  • PUBa, PUBi, PUBo

Retention: NOR, STP, LEG, BUS, IND

Categories:

  • PHY, ONL, UNI, PUR, FIN, COM, NAV, INT

  • DEM, CNT, STA, POL, HEA, PRE, GOV, OTC

Nonidentifiable: NID

Disputes Section: DSP

Access: NOI, ALL, CAO, IDC, OTI, NON

Dispute Resolution: COR, MON, LAW

TST:Token for indicating that a policy is test-version: TST

Show:
© 2015 Microsoft