Wirtschaftsuniversität Wien Magisterarbeit - SemanticLab
Wirtschaftsuniversität Wien Magisterarbeit - SemanticLab
Wirtschaftsuniversität Wien Magisterarbeit - SemanticLab
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
cgi −bin /∗<br />
/ s e r v l e t /∗<br />
/ s e r v l e t /unknown<br />
<br />
<br />
<br />
Listing 3.3: Policy reference file (Source: [W3Ca])<br />
Please note that both P3P policies and policy reference files make extensive use of<br />
wildcards by using the asteriks (“*”). Wildcards can be applied to every URL, for<br />
example to define that policy “fourth” is only applied to JPEG files on the website:<br />
<br />
/ ∗ . jpg<br />
<br />
Listing 3.4: Policy reference file using wildcards<br />
Both elements INCLUDE and EXCLUDE (and their content, respectively) are casesensitive,<br />
that is, depending on the webserver, one has to make sure that all possible<br />
file-extension combinations are accounted for.<br />
When it comes to third-party content, referencing a policy is not easily accomplished<br />
as URL’s always have to be relative to the policy reference file of the website<br />
and the P3P specification does not allow the application of policies on third-party content.<br />
However, a methodology was introduced to hint user-agents at the policy which<br />
can be applied for third party content by using the HINT element. User-agents should<br />
first check the well-known location of the third-party website for applicable P3P policies.<br />
If no (applicable) policies can be found, user-agents may evaluate the HINT element to<br />
be directed to the third-parties’ P3P policies. However, the HINT element may only be<br />
used if the third-party site declares the location of its policy reference file either via a<br />
HTTP header or LINK tag (because the well-known location was already checked before<br />
the HINT element was evaluated). The HINT element can be used by defining a scope<br />
of the policy and a path relative to the website where the policy reference file is located<br />
as shown in Listing 3.5<br />
<br />
<br />
<br />
Listing 3.5: Policy reference file using the HINT element (Source: [W3Ca])<br />
23