问题
Our app is hosted in Facebook. As you know, Facebook hosts third party app in an IFrame. You may also know that if a web site in an Iframe, and parent website is on a different domain, then 3rd party (cross domain) cookies that do not have a compact policy will be blocked in IE for Medium privacy settings. So one needs to configure a compact p3p policy for a web site. My general question is: What is the recommended way to do this on Azure. I would appreciate any documentations on this. I looked and looked and can only find bits and pieces that do not work for me.
Note, I have already created the p3p policy files (html, xml, compact and reference files). So basically I think I have all the pieces that I need. I am just missing the directions on how to enable them.
Further subquestions:
Do I have to serve the compact p3p policy as part of the response header every time a page is requested?
or
Can I configure the IIS on Azure to set the headers for the entire site? I found this link
http://richardprodger.wordpress.com/2011/04/06/p3p-and-iis-in-azure/
that talks about how to create and run an appcommand on Azure. However, when I do it and try to deploy, my role instances never start. They hang infinitely.
Kind regards,
Archil
回答1:
On another site (social.msdn.microsoft.com) someone made the following post:
Instead of configuring IIS in startup task, we can write the setting in the web.config file in our web role. The setting I used to resolve p3p issue is:
<configuration>
<system.webServer>
<httpProtocol>
<customHeaders>
<add name="p3p" value="CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT""/>
</customHeaders>
</httpProtocol>
</system.webServer>
</configuration>
The p3p header value is quoted from http://adamyoung.net/IE-Blocking-iFrame-Cookies. Please try if it works for you or not.
Hope this helps.
来源:https://stackoverflow.com/questions/6241376/how-to-configure-p3p-policy-on-azure