Maison > Article > développement back-end > Comment définir l'en-tête p3p en php
Comment définir l'en-tête p3p en php
- 藏色散人original
- 2021-09-24 11:08:402571parcourir
Comment définir l'en-tête p3p en php : 1. Modifiez HOST et ajoutez "127.0.0.1 www.a.com" ; 2. Créez des fichiers tels que a_setcookie.php et a_getcookie.php 3. Définissez l'en-tête p3p via l'en-tête.
L'environnement d'exploitation de cet article : système Windows 7, PHP version 7.1, ordinateur Dell G3.
Comment définir l'en-tête p3p en php ?
PHP obtient un accès inter-domaines à COOKIE en définissant l'en-tête P3P
Mon système est CentOS (noyau Linux)
Modifier HOST
vi /etc/hosts
Join
127.0.0.1 www.a.com 127.0.0.1 www.b.com
Tout d'abord : créez un fichier_setcookie.php avec le contenu suivant :
<?php
//header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
setcookie("test", $_GET['id'], time()+3600, "/", ".a.com");
?>Ensuite : Créez un fichier a_getcookie.php avec le contenu suivant :
<?php var_dump($_COOKIE); ?>
Enfin : Créez un fichier b_setcookie.php avec le contenu suivant :
<script src="http://www.a.com/a_setcookie.php?id=www.b.com"></script>
-------------- ---- ---------
Une fois les trois fichiers créés, nous y accédons dans l'ordre via le navigateur :
http://www.b.com/b_setcookie.php http://www.a.com/a_getcookie.php
Nous constaterons qu'en accédant au domaine b.com, nous n'avons pas défini dans le domaine a.com sur la valeur du cookie.
Ensuite, nous modifions le fichier a_setcookie.php et supprimons les symboles de commentaire. a_setcookie.php est :
<?php
header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
setcookie("test", $_GET['id'], time()+3600, "/", ".a.com");
?>Visitez à nouveau via le navigateur :
http://www.b.com/b_setcookie.php http://www.a.com/a_getcookie.php
Cette fois, vous constaterez qu'en accédant au domaine b.com, nous Le la valeur du cookie pour le domaine a.com est définie.
Enfin, il semble que seul IE ait des restrictions plus strictes sur l'accès inter-domaines à COOKIE. Le code ci-dessus a été testé sous FIREFOX et il peut réussir même sans envoyer d'informations d'en-tête P3P.
============================================
Etude recommandée : " Tutoriel vidéo PHP》
Vous pouvez facilement connaître la signification du code P3P ci-dessus via Fiddler
P3P Header is present: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Compact Policy token is present. A trailing 'o' means opt-out, a trailing 'i' means opt-in. CURa Information is used to complete the activity for which it was provided. ADMa Information may be used for the technical support of the Web site and its computer system. DEVa Information may be used to enhance, evaluate, or otherwise review the site, service, product, or market. PSAo Information may be used to create or build a record of a particular individual or computer that is tied to a pseudonymous identifier, without tying identified data (such as name, address, phone number, or email address) to the record. This profile will be used to determine the habits, interests, or other characteristics of individuals for purpose of research, analysis and reporting, but it will not be used to attempt to identify specific individuals. PSDo Information may be used to create or build a record of a particular individual or computer that is tied to a pseudonymous identifier, without tying identified data (such as name, address, phone number, or email address) to the record. This profile will be used to determine the habits, interests, or other characteristics of individuals to make a decision that directly affects that individual, but it will not be used to attempt to identify specific individuals. OUR We share information with ourselves and/or entities acting as our agents or entities for whom we are acting as an agent. BUS Info is retained under a service provider's stated business practices. Sites MUST have a retention policy that establishes a destruction time table. The retention policy MUST be included in or linked from the site's human-readable privacy policy. UNI Non-financial identifiers, excluding government-issued identifiers, issued for purposes of consistently identifying or recognizing the individual. These include identifiers issued by a Web site or service. PUR Information actively generated by the purchase of a product or service, including information about the method of payment. INT Data actively generated from or reflecting explicit interactions with a service provider through its site -- such as queries to a search engine, or logs of account activity. DEM Data about an individual's characteristics -- such as gender, age, and income. STA Mechanisms for maintaining a stateful session with a user or automatically recognizing users who have visited a particular site or accessed particular content previously -- such as HTTP cookies. PRE Data about an individual's likes and dislikes -- such as favorite color or musical tastes. COM Information about the computer system that the individual is using to access the network -- such as the IP number, domain name, browser type or operating system. NAV Data passively generated by browsing the Web site -- such as which pages are visited, and how long users stay on each page. OTC Other types of data not captured by the above definitions. NOI Web Site does not collected identified data. DSP The privacy policy contains DISPUTES elements. COR Errors or wrongful actions arising in connection with the privacy policy will be remedied by the service. Validate at: http://www.w3.org/P3P/validator.html Learn more at: http://www.fiddlertool.com/redir/?id=p3pinfo
Ce qui précède est le contenu détaillé de. pour plus d'informations, suivez d'autres articles connexes sur le site Web de PHP en chinois!