This article is a mirror article of machine translation, please click here to jump to the original article.

Architect_Programmer_Code Agriculture Network»Architect Front-end design & web Html/CSS/JavaScript SSO single sign-on is a P3P protocol for synchronous login/exit
View: 11639|Reply: 0

[HTML/HTML5] SSO single sign-on is a P3P protocol for synchronous login/exit

[Copy link]
Posted on 5/24/2018 3:32:12 PM | | | |
1. Explanation of terms

P3P (The Platform for Privacy Preferences) is a privacy protection recommendation standard published by W3C, but only IE is a browser that implements it, and other browsers basically do not use this standard.
First-party and third-party cookie assumptionsThe hyperlink login is visible.Embedded in the form of an iframeThe hyperlink login is visible.The hyperlink login is visible.Cookies are called first-party cookies, andThe hyperlink login is visible.are called third-party cookies
2. Application scenarios of P3P

Browser support
P3P is only supported by IE! (I tested that Google Browsing supports the P3P protocol, and I saw from the Internet that most browsers support the P3P protocol, so I tested it myself as shown in the figure below





Application scenarios
Most browsers, first-party cookies are certainly allowed by default. However, the default permission rules for third-party cookies vary widely.

For IE browser: By default, third-party cookies are not allowed, http requests cannot read third-party cookies, at this time, you can set the P3P protocol header, and it supports accessing third-party cookies.

For Chrome, Firefox, and Opera, third-party cookies are allowed by default, and even if third-party cookies are manually disabled, http requests can read third-party cookies.

For Safari, third-party cookies are not allowed by default, but http requests can also read third-party cookies.

3. Answer your questions

Function: IE browser does not allow third-party cookies by default, resulting in http requests not being able to access third-party cookies.
Case: hypotheticalThe hyperlink login is visible.Use the form of an iframe to embedThe hyperlink login is visible.The hyperlink login is visible.After authenticating the user, the sessionId is written to the cookie.The hyperlink login is visible.The sessionId is read to process the business request. But for IE users who do not set up the P3P header,The hyperlink login is visible.sessionId cannot be read.

Meaning: For such a very pitiful standard, in fact, most people don't pay much attention to the specific meaning of this agreement, if you really need to understand, you can refer to the P3P1.0 specification.
Supplement: In the past few years, there have been many online problems caused by the P3P protocol, but as the share of IE is getting smaller and smaller, more and more users are far away from the old version of IE (in fact, there are fewer and fewer PC users...). ), P3P will also be gradually forgotten... For most online sites: the most concise way to write P3P:CP=. The most commonly used way to write P3P:CP=CAO PSA OUR.

P3P Protocol Introduction:The hyperlink login is visible.
P3P1.0 specification link:The hyperlink login is visible.




Previous:vs2017 Remote debugging asp.net mvc website project
Next:php nginx uses X-Accel-Redirect to control file download permissions

Related Posts
Disclaimer:
All software, programming materials or articles published by Code Farmer Network are only for learning and research purposes; The above content shall not be used for commercial or illegal purposes, otherwise, users shall bear all consequences. The information on this site comes from the Internet, and copyright disputes have nothing to do with this site. You must completely delete the above content from your computer within 24 hours of downloading. If you like the program, please support genuine software, purchase registration, and get better genuine services. If there is any infringement, please contact us by email.
Mail To:help@itsvse.com