P3P is guilty in blocking of words addition to a dictionary
These days we received a support request from one of our new licensed clients. The problem was as follows. Person was not able to add word to a dictionary. To be more precise it seemed that a word was added to a dictionary, but then was marked as misspelled again.
The reason of the problem was not obvious at a glance. But after further investigation and analysis of requests we arrived at a conclusion that web browser’s processing of P3P blocked words from being added to a dictionary.
What is P3P?
From Wikipedia: “The Platform for Privacy Preferences Project, or P3P, is a protocol allowing websites to declare their intended use of information they collect about browsing users. Designed to give users more control of their personal information when browsing. P3P allows browsers to understand their privacy policies in a simplified and organized manner rather than searching throughout the entire website. By setting your own privacy settings on a certain level, P3P will automatically block any cookies that you might not want on your computer.”
How does P3P affect functionality of the SpellChecker.net?
To avoid this problem the application (in our sample above on domain1.com) need to send additional header. The header named P3P should be prepared. Details on what should be presented in this header can be found here: http://www.p3pwriter.com/LRN_111.asp. It is not correct to set the header inside the SpellChecker.net application as soon as the company who purchased the application may have different policy and may want to change it. The settings can be added to the settings of the web site.
For the IIS web server header can be set specifically to the path /spellcheck/script/ using IIS Management Console. It can be set in the properties dialog of the /script/ directory and choose HTTP Headers tab and add the header.
For the Apache web server header can be set according to apache web server documentation (http://httpd.apache.org/docs/2.2/mod/mod_headers.html#header) using the Header directive:
Header add P3P “[P3P policy value]”
In the Internet Explorer web browser, the problem with privacy settings can be observed when an eye with a red sign appears in the status bar of browser window like on the shot below: