Facebook Developers

How would you do this in PHP?

For PHP - its:

<?php
header('P3P: CP="CAO PSA OUR"');
?>

Oops  - didn't see someone posted already.

Last edited by webjoe (2008-03-10 23:06:01)

Thanks, I was thinking of adding in my own forum, inside the App, which would require the use of Sessions/cookies, so this would help with any potential problems.

CB
Battlelords

Last edited by Lethos (2008-12-13 16:57:47)

judomaster2000 wrote:

What about cookies in safari?

I have tried (unsuccessfully) to set a cookie in safari in javascript in an IFrame application. I am unsure if this is even possible on their default cookie settings.

If you are running safari and you set the src of an iframe to this url: http://developer.apple.com/internet/saf … ml#anchor6 and click "get cookies" it will give you "no cookies" as a result.  Even if you "navigate" to the page (click through a link to that page in the iframe first) you will still not get a cookie. Their docs say this should be possible... but it isnt.

Anyone know a way around this?

try to use cookieless sessions.

Its getting crazy with all the various browsers out there, but I guess nothing is any fun without a challenge.

I just finished an exhausting 2 hour cram on P3P and IE madness. Here is what I discovered and added to our iframed apps to comply with IE's privacy settings.


Article - good overview

http://www.softwareprojects.com/resourc … -1612.html


P3P Editor - IBM tool to create the "compact privacy policy" that IE requires

http://www.alphaworks.ibm.com/tech/p3peditor

Just download the JAR file and run the following command. You will of course need Java installed. This should work on any OS that supports Java. Use their templates to get started. You can save and edit for different sites. Very useful. Oh and free.

java -jar p3p.jar


Example - This is how Yahoo has it setup even though they're not dealing with FB iframe issues presumably.

HTTP header included in all HTTP requests made using IE 6+

P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HE

Referenced P3P XML file

http://info.yahoo.com/w3c/p3p.xml which redirects to http://info.yahoo.com/privacy/w3c/p3p_policy.xml


Server Configuration - Easiest way is to setup Apache to add P3P header to all HTTP calls made from an IE browser

Add the following to your httpd.conf file within <VirtualHost> settings. More about that here http://httpd.apache.org/docs/2.0/mod/mod_headers.html

BrowserMatch MSIE IS_MSIE
Header set P3P "policyref=\"http://www.your-domain.com/w3c/p3p.xml\", CP=\"CAO DSP CURa ADMa DEVa TAIa PSAa PSDa IVAi IVDi CONi OUR UNRi OTRi BUS IND PHY ONL UNI COM NAV INT DEM CNT STA PRE GOV LOC\"" env=IS_MSIE

The value of the CP portion can be generated using IBM's tool (link above)

Hope this helps. With this setup you'll be able to set cookies and use cookie-based session management even when IE is set to use highest privacy settings (Medium are the default)

webjoe wrote:

For PHP - its:

Code:

<?php
header('P3P: CP="CAO PSA OUR"');
?>

Oops  - didn't see someone posted already.

i tried but it doesn't work for me

where we have to add this code?

I tried using the PHP code but with no success..  I guess something went wrong again..

I try to make an iframe application, with php on the server side.
Authentication to facebook from php works fine, and after I set the p3p header (a few combinatons) cookies are setted ok in IE8. If I try to start FB connect on the client side, I have discovered that my cookies dissapered.
After some tests I have observed that cookies that come from server are actualy ok, but any try to change them from javascript, result in cookie loss.

Anybody know how to solve this issue?

Me to pesrsists the similar kind of problem ..
We developed an xajax based php framework apps and hosted it to facebook apps. For that we used facebook iFrame.
I have a problem in this.My application is loading quiet good in iframe of facebook at the instance and the xajax is working great.
But when I used xajax request and reload my application then I find the following error thrown
This XML file does not appear to have any style information associated with it. The document tree is shown below.     
−
<xjx>
−
<cmd cmd="as" id="whatisaycontainer" prop="innerHTML">
S<table id='whatisay' border=0 cellpadding=0 cellspacing=0>
<tr><td valign='top'><input type='checkbox' name='whatsay1' id='whatsay1' value='Hang in there.'  onclick='ToggleMessage(this);BuildPreview();'></td><td class='brown' >Hang in there.</td></tr><tr><td valign='top'><input type='checkbox' name='whatsay2' id='whatsay2' value='I believe in you.'  onclick='ToggleMessage(this);BuildPreview();'></td><td class='brown' >I believe in you.</td></tr><tr><td valign='top'><input type='checkbox' name='whatsay3' id='whatsay3' value='I know its a rough patch right now..'  onclick='ToggleMessage(this);BuildPreview();'></td><td class='brown' >I know its a rough patch right now..</td></tr><tr><td valign='top'><input type='checkbox' name='whatsay4' id='whatsay4' value='Chin up, you!'  onclick='ToggleMessage(this);BuildPreview();'></td><td class='brown' >Chin up, you!</td></tr><tr><td valign='top'><input type='checkbox' name='whatsay5' id='whatsay5' value='Are you feeling better about life?'  onclick='ToggleMessage(this);BuildPreview();'></td><td class='brown' >Are you feeling better about life?</td></tr><input type='hidden' name='maxwatsay' value='6'></table>
</cmd>
−
<cmd cmd="jc" func="AlignCheckboxes">
<xjxobj/>
</cmd>
</xjx>
I am cracking my head and debugged all possible chances 1. Loops 2. Header info 3. Iframe of facebook on the top etc.. I checked my programming and find no problem with any reference call.

So this is also related to kind of xajax REQUEST headers problem..Request anyone here can help me solve this out ..

Unfortunally no luck with Safari, still not accept cross domain cookies.