Belangrijke tip voor webmasters van bannerexchange services

Zoals bekend heeft de nieuwe Internet Explorer (versie 6+) standaard de optie tot het accepteren van cookies UIT staan.

Dit heeft gevolgen voor bannerexchange services die gebruik maken van cookies om het dataverkeer binnen de perken te houden. Doordat IE deze niet accepteert, zal een bezoeker die op een banner klikt bijvoorbeeld de melding krijgen dat de URL niet correct is (veelal "Invalid Destination").

Er zijn mogelijkheden om de leden van de bannerexchange aan te schrijven om de optie in IE tot het accepteren van cookies aan te zetten. De leden zullen dan de bezoekers van hun site dienen te waarschuwen.Het spreekt voor zich dat een dergelijke inspanning nagenoeg onmogelijk is en dat een garantie op het resultaat zeker niet te geven is.

Gelukkig kregen wij een mail van Paul Rispens, een zeer ervaren webmaster op het gebied van bannerexchanges en de daarbijbehorende scripts. Hij "leende" ons belangeloos zijn expertise en voorzag ons van de noodzakelijke informatie; vanzelfsprekend hiervoor hartelijk dank! 

Paul: "De oplossing is het implementeren van een privacy-policy op je website. Dat klinkt ingewikkeld en dat is het ook wel een beetje, maar uiteindelijk is het goed uit te voeren m.b.v. een policyeditor: http://www.codeinfusion.com/p3pedit/." Noot: dit programma is niet gratis.

"Het grootste probleem is het automatisch gaan sturen van de Compact Policy in de headers van http-requests. (...) Ik heb dat gedaan door in het script zelf de header mee te sturen, maar je kunt ook je webserver configureren dat ie dat voortaan automatisch doet."

"Bijgaand de e-mail die ik na het gebruik van de editor kreeg toegezonden: 

Thank you for using P3PEdit to create your P3P policy.  Below are instructions for implementing your P3P policy on your website.  At the end of this email are your P3P Policy XML file, P3P Policy Reference XML file, and P3P Compact header string.  All three are in plain text.

STEP ONE - POLICY REFERENCE XML FILE
1. Create a new text file on your computer.
2. Copy the Policy Reference XML text from the bottom of this email.
3. Paste it into the new text file.
4. Rename the text file to 'p3p.xml' (without quotes).

STEP TWO - POLICY XML FILE
1. Create a new text file on your computer.
2. Copy the Policy XML text from the bottom of this email.
3. Paste it into the new text file.
4. Rename the text file to 'policy.xml' (without quotes).
Note: if your Policy Reference points to a different Policy filename, rename the text file to that name.

STEP THREE - UPLOAD THE TWO XML FILES
1. Create a new root directory on your webserver named "w3c" (no quotes).
2. Upload both files to /w3c.
Note: if your Policy Reference file lists your Policy XML file to be in a different directory than /w3c then upload the Policy XML file to the appropriate directory.

STEP FOUR - ADD THE COMPACT POLICY
1. Find out the type of webserver you are using.  The two most common webservers are Apache (on Linux or Windows) and Internet Information Server (IIS) (on Windows only).

2. Add the Compact Policy header string according to the directions for your webserver below.

INTERNET INFORMATION SERVER
1. Open the IIS Administration Console.
2. Open the Properties screen for the webserver.
3. Click on the 'HTTP Headers' tab.
4. Click 'Add' in the 'Custom HTTP Headers' area.
5. A new window appears.
6. Type 'P3P' (without quotes) in the 'Custom Header Name' text field.
7. Copy and paste your Compact Policy header string from this email into the 'Custom Header Value' text field.  It should look something like:

CP="NOI DSP COR NID CUR OUR NOR"

(this time include the quotes)
8. Select OK and exit out of the IIS Admin.
9. When validating your P3P Policy (see below), your P3P header should look something like:
P3P:CP="NOI DSP COR NID CUR OUR NOR"

APACHE
1. For each directory that you want your Compact Policy header to be available from, you must create a file called '.htaccess' (without quotes).  Note that the period at the beginning of the filename makes it invisible on your webserver.  To view hidden files in an FTP session, add '-al' (without quotes) to the list command (for example: ls -al).

Also note that it may be difficult to create a file named '.htaccess' on Windows systems.  Instead, name the file 'htaccess', upload it and rename it to '.htaccess'.

2. The .htaccess file must contain a line which adds your Compact Policy header.  The line should look something like:

Header append P3P 'CP="NOI DSP COR NID CUR OUR NOR"'

3. Note the following:
- The command is: Header append
-  P3P is the header name.
- The rest is the header value.
- Note the use of quotes in the above example.  Single-quotes surround the entire header value.  Double-quotes surround the actual Compact Policy.

ALL OTHER WEBSERVERS
For instructions for other webservers, or for instructions on implementing server-wide policies for Apache, visit the following URL:

http://www.w3.org/TR/2001/NOTE-p3pdeployment-20010510#Appendix_Servers

STEP FIVE - VALIDATE YOUR P3P POLICY
1. Visit: http://www.w3.org/P3P/validator.html
2. In the Integrated Validation text field, type the URL of your website
3. Press the 'check' button.

IF YOU NEED ASSISTANCE
Support is provided by e-mail only.  Please send your questions (or comments) to support@policyeditor.com.  All types of questions and feedback are welcome.

EXAMPLES
The codeinfusion.com website provides a nice example of how a policy can be implemented.  Visit http://www.codeinfusion.com with IE6 and check the privacy report for the website.  IE6 reports that a policy is found and displays information based on the policy implemented.

You may also browse http://www.codeinfusion.com/w3c for file examples.  The XML files will display in IE6 (or any other XML compliant browser).

POLICY FILES BELOW
Note: when copying these to your computer, do not copy the lines with asterisks!

********** BEGIN POLICY REFERENCE XML FILE **********

<META xmlns="http://www.w3.org/2002/01/P3Pv1">
<!--Created with P3PEdit on 02/20/02  2:15:13 AM - http://policyeditor.com -->
        <POLICY-REFERENCES>
                <EXPIRY max-age="86400 "/>
                <POLICY-REF about="http://www.bannermanagement.nl/w3c/policy.xml#P3PPolicy">
                        <INCLUDE>/*</INCLUDE>
                </POLICY-REF>
        </POLICY-REFERENCES>
</META>

********** END POLICY REFERENCE XML FILE **********

********** BEGIN POLICY XML FILE **********

<?xml version="1.0" encoding="UTF-8"?>
<!--Created with P3PEdit on 02/20/02  2:13:11 AM - http://policyeditor.com -->
<POLICIES xmlns="http://www.w3.org/2002/01/P3Pv1">
        <POLICY name="P3PPolicy" discuri="http://www.bannermanagement.nl/w3c/privacy.html" opturi="http://www.bannermanagement.nl/w3c/optinout.html">

                <ENTITY>
                        <DATA-GROUP>
                                <DATA ref="#business.name">Startpagina Bannermanagement</DATA>                         

                        <DATA ref="#business.contact-info.postal.street">De Uitweg 19</DATA>                           

                        <DATA ref="#business.contact-info.postal.city">Leersum</DATA>                          
                        <DATA ref="#business.contact-info.postal.stateprov">Utrecht</DATA>                             

                        <DATA ref="#business.contact-info.postal.postalcode">3956 CD</DATA>                            

                        <DATA ref="#business.contact-info.postal.country">Netherlands</DATA>                           

                        <DATA ref="#business.contact-info.telecom.telephone.loccode">0343</DATA>                               

                        <DATA ref="#business.contact-info.telecom.telephone.number">456706</DATA>                              

                        <DATA ref="#business.contact-info.online.email">bannermanagement@pagina.nl</DATA>      
                </DATA-GROUP>
                </ENTITY>
                <ACCESS><nonident/></ACCESS>
                <DISPUTES-GROUP>
                        <DISPUTES resolution-type="service" service="http://www.bannermanagement.nl/w3c/service.html" verification="http://www.bannermanagement.nl/w3c/verify.html" short-description="All disputes are resolved as customer service issues...">

                        <LONG-DESCRIPTION>Our organization processes all disputes through email. 

The address to send comments to is: bannermanagement@pagina.nl

Please allow 12-24 hours to receive a reply.    </LONG-DESCRIPTION>
                                <REMEDIES><correct/></REMEDIES>
                        </DISPUTES>
                </DISPUTES-GROUP>
                <STATEMENT>
                <CONSEQUENCE>Collect certain types of user information allows us to keep your website settings
between site visits...
                        </CONSEQUENCE>
                <NON-IDENTIFIABLE/>
                        <PURPOSE>
                        <current/>
                        </PURPOSE>
                        <RECIPIENT>
                        <ours><recipient-description>Website owner only</recipient-description></ours>
                        </RECIPIENT>
                        <RETENTION>
                                <stated-purpose/>
                        </RETENTION>
                        <DATA-GROUP>
                        <DATA ref="#dynamic.cookies">
                                <CATEGORIES>
                                        <computer/>
                                </CATEGORIES>
                        </DATA>
                        </DATA-GROUP>
                </STATEMENT>
        </POLICY>
</POLICIES>

********** END POLICY XML FILE **********

********** BEGIN COMPACT POLICY HEADER STRING **********

CP="NOI DSP COR NID CUR OUR STP COM"

********** END COMPACT POLICY HEADER STRING **********"

 

Hopelijk is de ervaring van Paul van goede waarde bij het oplossen van het probleem. Mochten er andere oplossingen zijn, dan kunt u deze mailen naar bannerexchange@pagina.nl. Wij zullen deze dan publiceren.

 

© Peter Glebbeek i.s.m. Startpagina

 

 


NLbanner