Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 7 of 7
  1. #1
    New to the CF scene
    Join Date
    Jul 2008
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts

    How To Retrieve Cookies From 3rd Party Sites Through iFrames

    Hello all!

    I hope you are having a jolly day!

    Now, I'm creating a webpage in which I have iFrames, in which I'd like to display different websites which I do not own. However, I would still like the cookies of those sites to be installed on the user who visits my page. I'm aware that this is automatically blocked by browsers. I've done extensive research on the web, and have discovered that I need to install p3p on my server, along with corresponding tags and the p3p.xml policy file.

    However!

    Since I'm a designer, and a poor programmer, I was wondering if someone could assist me setting this up. Although I've got some knowledge about HTML, I don't know anything about xml, or other coding languages that are associated with p3p.

    First off, I've already contacted my webmaster on how to activate p3p on my server, who should probably guide me on how to 'allow it to run' on my server.

    Secondly, I've found several snippets of codes and p3p.xml templates, however, I have no idea what it needs to contain, or where I need to put it. I do know that the p3p.xml goes into a folder mysite.com/w3c/p3p.xml. Plus, some sort of snippet needs to be installed in the <head> section of the index.html of my main site.

    Could someone assist me and explain which code snippet I need to use for the headers, and what needs to be displayed in the p3p.xml file? I have no intentions in creating a policy or anything like that, I just want to set it up so that cookies will be installed from sites through the iFrames on my website on the users' computer, at all possible levels.

    Perhaps I ask a lot, but whoever helps me will be rewarded with not only my deepest gratefulness, but in return, I will also be pleased to help you with any graphical issues you may have, think Photoshop, etc. Edit: Offcourse I will also help nominate you as a helping member!

    Many thanks for reading through my question, and thanks in advance for any replies!

    Kindest regards,

    Rudolf
    Last edited by Rudolfvda; 07-15-2008 at 05:35 PM.

  • #2
    Senior Coder jcdevelopment's Avatar
    Join Date
    Oct 2007
    Location
    Cowboy Nation
    Posts
    2,182
    Thanks
    174
    Thanked 257 Times in 257 Posts
    well, can you post the xml and all of the code you need for the p3p? Not sure how much there is but if you could go ahead.

  • #3
    New to the CF scene
    Join Date
    Jul 2008
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Thanks for your response JC!

    I'm unsure what exactly needs to be included in the .xml, but I've seen templates like these for the .xml:

    Code:
    NestIframeJSP.jsp -->
    <%
    response.setHeader("P3P","CP=\"ALL ADM DEV PSAi COM OUR OTRo STP IND
    ONL\"");
    %>
    <HTML>
    <HEAD>
            <script>
                    function readCookie(name) {
                            var nameEQ = name + "=";
                            var ca = document.cookie.split(';');
                            for(var i=0;i < ca.length;i++) {
                                    var c = ca[i];
                                    while (c.charAt(0)==' ') c = c.substring(1,c.length);
                                    if (c.indexOf(nameEQ) == 0) return
    c.substring(nameEQ.length,c.length);
                            }
                            return null;
                }
            </script>
    </HEAD>
    <BODY>
    
    <%
         session.setAttribute("name","value" );
         out.println("Server created the JSESSIONID cookie by creating a
    session.");
    %>
       <hr/>
       Running javascript to retrieve these cookies <div
    id="placeholder"></div>
       <script>
         document.getElementById("placeholder").innerHTML="JSESSIONID's
    value is "+readCookie('JSESSIONID');
       </script>
    
    </BODY>
    </HTML>
    And for example, this was supposedly put in the [head] section of your index.html:

    Code:
    <Link REL="P3Pv1" href="http://www.yoursite.com/w3c/p3p.xml";>
    or either:

    Code:
    <meta http-equiv="P3P" content='CP="NOI NAV"'>
    Which confuses me greatly, because they are both very different. This is all highly energy-consuming as I do not understand much of it! However, I'm motivated to get it to work, so I'm open to any help!

    And finally.. something needs to be validated at w3.org, at http://www.w3.org/P3P/validator.html, but at the moment I'm just not there yet.

    I appreciate your help highly! Thanks in advance.

    Kindest regards, Rudolf

  • #4
    Senior Coder jcdevelopment's Avatar
    Join Date
    Oct 2007
    Location
    Cowboy Nation
    Posts
    2,182
    Thanks
    174
    Thanked 257 Times in 257 Posts
    well, all i can think of is if they said place them in the head tags than try this out to see

    Code:
    NestIframeJSP.jsp -->
    <&#37;
    response.setHeader("P3P","CP=\"ALL ADM DEV PSAi COM OUR OTRo STP IND
    ONL\"");
    %>
    <HTML>
    <HEAD>
    <Link REL="P3Pv1" href="http://www.yoursite.com/w3c/p3p.xml";>
    <meta http-equiv="P3P" content='CP="NOI NAV"'>        <script>
                    function readCookie(name) {
                            var nameEQ = name + "=";
                            var ca = document.cookie.split(';');
                            for(var i=0;i < ca.length;i++) {
                                    var c = ca[i];
                                    while (c.charAt(0)==' ') c = c.substring(1,c.length);
                                    if (c.indexOf(nameEQ) == 0) return
    c.substring(nameEQ.length,c.length);
                            }
                            return null;
                }
            </script>
    </HEAD>
    <BODY>
    
    <%
         session.setAttribute("name","value" );
         out.println("Server created the JSESSIONID cookie by creating a
    session.");
    %>
       <hr/>
       Running javascript to retrieve these cookies <div
    id="placeholder"></div>
       <script>
         document.getElementById("placeholder").innerHTML="JSESSIONID's
    value is "+readCookie('JSESSIONID');
       </script>
    
    </BODY>
    </HTML>
    and the part of the link where it says

    Code:
    href="http://www.yoursite.com/w3c/p3p.xml
    you would put your website, but i am sure you knew that. Let me know if it worked..

  • #5
    New to the CF scene
    Join Date
    Jul 2008
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Hi JC, thanks for the suggestion!

    Here's what I received after running a test at w3.org's p3p validator:

    Step 2: HTTP Protocol Validation ( HTTP headers )

    HTTP headers have no P3P: header.

    Step 3: HTML File Validation

    HTML document has no P3P compliant link tags.

    Message: No valid P3P compliant <link> element.
    So.. what could these HTTP headers be? Step 1 ran just fine.

    Thanks again! Kindest regards, Rudolf

  • #6
    Senior Coder jcdevelopment's Avatar
    Join Date
    Oct 2007
    Location
    Cowboy Nation
    Posts
    2,182
    Thanks
    174
    Thanked 257 Times in 257 Posts
    hmmm, not too sure, unfortunately im not too familiar with p3p or .jsp! But it looks like what i posted should work seeing as how both are in the header that they are asking for. Maybe the magic of the almighty moderator will move this to a correct area where they can answer it better. Otherwise im not too sure.

  • #7
    New to the CF scene
    Join Date
    Jul 2008
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Well JC, we've come a long way and I thank you for your effort! Hopefully someone will drop by and bless us with a solution! Thanks again! Kind regards, Rudolf


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •