P3P for Apache on IBM i

Troubleshooting

Problem

There's a great reference on how to deploy P3P for Apache on the W3 web site at www.w3.org/TR/p3pdeployment.

Resolving The Problem

There's a great reference on how to deploy P3P for Apache on the W3 web site at http://www.w3.org/TR/p3pdeployment. There are P3P editors available on the web to assist with the creation of p3p policy files. Once this is created, use the Header directive in Apache to point to the policy file. This will cause a P3P header to be sent from the HTTP server on responses back to the client.

This section describes how to add HTTP headers to the response for Apache.

Basics

The Apache Web server includes a module called mod_headers which is used to add extra headers to HTTP responses. The configuration directive which is used to add these headers makes use of the normal Apache scoping rules, so headers can be added to an individual file, a set of files matching a regular expression, a set of directories matching a regular expression, or an entire Web site.

The headers module is used to add any arbitrary headers to an HTTP response. Thus the Apache Web server does not need to "understand" the P3P headers.

How to do it

1	Publish the site's policy reference file and privacy policies. Before you put the P3P headers on the content, you should first publish the P3P privacy policies. Copy the policy files to the appropriate part of your server's content tree.
2	Decide how the headers will be arranged on the site. If the same compact policy is used on the entire site, then it is usually possible to send the same P3P header for the entire site. On the other hand, if different parts of the site require different compact policies, then separate P3P headers will be required. For this example, we'll assume that we're using one P3P header on the entire site.
3	Create the appropriate scope sections in the server configuration file (httpd.conf). This is explained in "How Directory, Location, and Files sections work". For our example, it will look like this: <Location / > </Location>
4	Add the P3P header. To do this, place a Header directive within the section(s) created in the previous step. For our example, the result will look as follows: <Location / > Header append P3P "policyref=\"http://catalog.example.com/P3P/PolicyReferences.xml\"" </Location>

Once the configuration changes have been made the HTTP server will needed to be ended and restarted for the change to take effect. You have now associated the page with its P3P privacy policy.

[{"Type":"MASTER","Line of Business":{"code":"LOB57","label":"Power"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SWG60","label":"IBM i"},"Platform":[{"code":"PF012","label":"IBM i"}],"Version":"6.1.0"}]

Historical Number

28121347

Was this topic helpful?

Document Information

Modified date:
18 December 2019

UID

nas8N1016837

Tips