php使用p3p实现cookies跨域设置实现单点登录，全站登录-优快云博客

本文详细介绍了P3P策略中的各个元素及其含义，包括CURa、ADMa、DEVa等，并解释了这些策略如何应用于网站的数据收集及使用场景。此外，还提供了关于IE浏览器对第三方Cookie限制的说明以及如何通过设置P3P头来解决这一问题。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

P3P Header is present:
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

Compact Policy token is present. A trailing 'o' means opt-out, a trailing 'i' means opt-in.

CURa
Information is used to complete the activity for which it was provided.

ADMa
Information may be used for the technical support of the Web site and its computer system.

DEVa
Information may be used to enhance, evaluate, or otherwise review the site, service, product, or market.

PSAo
Information may be used to create or build a record of a particular individual or computer that is tied to a pseudonymous identifier, without tying identified data (such as name, address, phone number, or email address) to the record. This profile will be used to determine the habits, interests, or other characteristics of individuals for purpose of research, analysis and reporting, but it will not be used to attempt to identify specific individuals.

PSDo
Information may be used to create or build a record of a particular individual or computer that is tied to a pseudonymous identifier, without tying identified data (such as name, address, phone number, or email address) to the record. This profile will be used to determine the habits, interests, or other characteristics of individuals to make a decision that directly affects that individual, but it will not be used to attempt to identify specific individuals.

OUR
We share information with ourselves and/or entities acting as our agents or entities for whom we are acting as an agent.

BUS
Info is retained under a service provider's stated business practices. Sites MUST have a retention policy that establishes a destruction time table. The retention policy MUST be included in or linked from the site's human-readable privacy policy.

UNI
Non-financial identifiers, excluding government-issued identifiers, issued for purposes of consistently identifying or recognizing the individual. These include identifiers issued by a Web site or service.

PUR
Information actively generated by the purchase of a product or service, including information about the method of payment.

INT
Data actively generated from or reflecting explicit interactions with a service provider through its site -- such as queries to a search engine, or logs of account activity.

DEM
Data about an individual's characteristics -- such as gender, age, and income.

STA
Mechanisms for maintaining a stateful session with a user or automatically recognizing users who have visited a particular site or accessed particular content previously -- such as HTTP cookies.

PRE
Data about an individual's likes and dislikes -- such as favorite color or musical tastes.

COM
Information about the computer system that the individual is using to access the network -- such as the IP number, domain name, browser type or operating system.

NAV
Data passively generated by browsing the Web site -- such as which pages are visited, and how long users stay on each page.

OTC
Other types of data not captured by the above definitions.

NOI
Web Site does not collected identified data.

DSP
The privacy policy contains DISPUTES elements.

COR
Errors or wrongful actions arising in connection with the privacy policy will be remedied by the service.

原理，

对于IE来说(默认安全级别下)，iframe、img、link等标签都是只发送session cookie（又叫第一方cookie），拦截本地cookie发送（又叫第三方cookie）。当这些标签跨域引用一个页面，实际上是发起了一次GET请求。

如果这个跨域的请求，HTTP返回头中带有Set-Cookie ，那么这个cookie对浏览器来说，实际上是无效的。

www.b.com p3p.php代码内容

/*
 * chrome,firefox不加header都行，ie因为有cookie安全限制，所以就必须加header
 * 可以使用一个吧账号和密码加密的处理成一个字符串传过去，然后去其他子站点处理字符串然后解析成账号密码登陆
 * 加密方法一定是可以逆行解的，不然就蛋疼了，使用http://php.net/manual/zh/book.mcrypt.php这个函数，或者自己写其他的方法
 * 
 * JS的提交方法，ajax也可以使用
 * 
 * xmlhttp.setRequestHeader( "P3P" , 'CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"' );
 */

$password = 'zzzzzzzzzzzzzzz';


echo "<script src='http://www.a.com/cookie.php?password=$password'></script>";

www.a.com cookies代码内容

<?php
session_start();
header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"'); 
setcookie("zx", $_GET['password'], time()+3600, "/");

www.a.com index.php的代码内容、