php如何设置p3p头,很多新手对此不是很清楚,为了帮助大家解决这个难题,下面小编将为大家详细讲解,有这方面需求的人可以来学习下,希望你能有所收获。
php设置p3p头的方法:1、编辑HOST,加入“127.0.0.1 www.a.com”;2、创建a_setcookie.php和a_getcookie.php等文件;3、通过header设置p3p头即可。
本文操作环境:windows7系统、PHP7.1版、Dell G3电脑。
php怎么设置p3p头?
PHP 通过设置P3P头来实现跨域访问COOKIE
我的是CentOS的系统(Linux 内核)
编辑HOST
vi /etc/hosts
加入
127.0.0.1 www.a.com 127.0.0.1 www.b.com
首先:创建 a_setcookie.php 文件,内容如下:
<?php //header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"'); setcookie("test", $_GET['id'], time()+3600, "/", ".a.com"); ?>
然后:创建 a_getcookie.php 文件,内容如下:
<?php var_dump($_COOKIE); ?>
最后:创建 b_setcookie.php 文件,内容如下:
<script src="http://www.a.com/a_setcookie.php?id=www.b.com"></script>
----------------------------
三个文件创建完毕后,我们通过浏览器依次访问:
http://www.b.com/b_setcookie.php http://www.a.com/a_getcookie.php
我们会发现,在访问b.com域的时候,我们并没有在a.com域设置上cookie值。
然后我们修改一下a_setcookie.php文件,去掉注释符号,a_setcookie.php即为:
<?php header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"'); setcookie("test", $_GET['id'], time()+3600, "/", ".a.com"); ?>
再次通过浏览器依次访问:
http://www.b.com/b_setcookie.php http://www.a.com/a_getcookie.php
这次,你会发现在访问b.com域的时候,我们设置了a.com域的cookie值。
末了补充一句,似乎只有IE对跨域访问COOKIE限制比较严格,上述代码在FIREFOX下测试,即使不发送P3P头信息,也能成功。
==========================================
undefined
通过Fiddler可以方便的知道上面P3P代码的含义
P3P Header is present: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Compact Policy token is present. A trailing 'o' means opt-out, a trailing 'i' means opt-in. CURa Information is used to complete the activity for which it was provided. ADMa Information may be used for the technical support of the Web site and its computer system. DEVa Information may be used to enhance, evaluate, or otherwise review the site, service, product, or market. PSAo Information may be used to create or build a record of a particular individual or computer that is tied to a pseudonymous identifier, without tying identified data (such as name, address, phone number, or email address) to the record. This profile will be used to determine the habits, interests, or other characteristics of individuals for purpose of research, analysis and reporting, but it will not be used to attempt to identify specific individuals. PSDo Information may be used to create or build a record of a particular individual or computer that is tied to a pseudonymous identifier, without tying identified data (such as name, address, phone number, or email address) to the record. This profile will be used to determine the habits, interests, or other characteristics of individuals to make a decision that directly affects that individual, but it will not be used to attempt to identify specific individuals. OUR We share information with ourselves and/or entities acting as our agents or entities for whom we are acting as an agent. BUS Info is retained under a service provider's stated business practices. Sites MUST have a retention policy that establishes a destruction time table. The retention policy MUST be included in or linked from the site's human-readable privacy policy. UNI Non-financial identifiers, excluding government-issued identifiers, issued for purposes of consistently identifying or recognizing the individual. These include identifiers issued by a Web site or service. PUR Information actively generated by the purchase of a product or service, including information about the method of payment. INT Data actively generated from or reflecting explicit interactions with a service provider through its site -- such as queries to a search engine, or logs of account activity. DEM Data about an individual's characteristics -- such as gender, age, and income. STA Mechanisms for maintaining a stateful session with a user or automatically recognizing users who have visited a particular site or accessed particular content previously -- such as HTTP cookies. PRE Data about an individual's likes and dislikes -- such as favorite color or musical tastes. COM Information about the computer system that the individual is using to access the network -- such as the IP number, domain name, browser type or operating system. NAV Data passively generated by browsing the Web site -- such as which pages are visited, and how long users stay on each page. OTC Other types of data not captured by the above definitions. NOI Web Site does not collected identified data. DSP The privacy policy contains DISPUTES elements. COR Errors or wrongful actions arising in connection with the privacy policy will be remedied by the service. Validate at: http://www.w3.org/P3P/validator.html Learn more at: http://www.fiddlertool.com/redir/?id=p3pinfo
看完上述内容是否对您有帮助呢?如果还想对相关知识有进一步的了解或阅读更多相关文章,请关注亿速云行业资讯频道,感谢您对亿速云的支持。
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。