Login

P3P Headers for iframes

Author:
jeverling
Posted:
June 5, 2008
Language:
Python
Version:
.96
Score:
2 (after 2 ratings)

This is nothing fancy and hasn't much to do with django itself, I just searched for this information for quite a while and thought it may be useful for others. If you use IE7 (and maybe IE6), it will block cookies in iframes, if the iframes content comes from another server (quite common, I think). The P3P specification lets you declare your privacy settings in a format interpretable by browsers, essentially you can tell IE that you adhere to "don't be evil", and are allowed to handle cookies afterwards. I don't think that makes much sense, but it seems that it is the only way to make IE accept cookies in iframes. I had no idea that django made it that incredibly easy to "patch" the response-header, but it does! :)

1
2
3
4
def index(request):
    response = render_to_response('mytemplate.html')
    response["P3P"] = 'CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"'
    return response

More like this

  1. Template tag - list punctuation for a list of items by shapiromatron 10 months, 2 weeks ago
  2. JSONRequestMiddleware adds a .json() method to your HttpRequests by cdcarter 10 months, 3 weeks ago
  3. Serializer factory with Django Rest Framework by julio 1 year, 5 months ago
  4. Image compression before saving the new model / work with JPG, PNG by Schleidens 1 year, 6 months ago
  5. Help text hyperlinks by sa2812 1 year, 7 months ago

Comments

Please login first before commenting.