Ben M. wrote:
I think he may be referring to a ‘compact privacy policy’.
I found this with a quick Google search:
P3P, Cookies and IE6.0: A Case Study — SitePoint
(worth going back to Page 1 and reading the whole article)
This is fascinating - does it really apply to session cookies?
If so, why aren’t all Rails (and most J2EE, and many other) sites
suffering from it?
Also, it looks like you can generate a policy here:
http://p3p.privacycouncil.com/public/publicCPGen.jsp
However, at the time of posting that site seems to be unavailable.
Here’s a page with more resources:
Using P3P on your web site
Microsoft’s explanation of IE6 settings is here:
http://support.microsoft.com/kb/q283185/
and there’s a practical article here:
http://www.duxcw.com/faq/webmastr/privhttp.htm
with associated human-readable privacy statement here:
http://www.duxcw.com/_include/privincl.htm
Bruce - sorry I doubted your assumption that this was a technical thing.
Reduce this kind of risk in future by doing end-to-end testing of a
representative slice of your application, on the intended technology
(i.e., in this case, from Rails at the external host through to IE6 in
the end user environment), as early as possible in a project.
For now, agree with your customer that this is an aspect that needs
fixing, but also agree a work-around that allows testing of
functionality to continue - even if this means using a server on the
internal network.
I suspect that the images aspect is something different, but I’m not
sure.
Sorry I don’t have much time to look into this (I was away from work ill
today, and have some catching up to do)… but I’ll google some more and
flag anything that looks useful.
regards
Justin