Well I didn't mean exactly the same message with a link and everything, but
just something like "This is not a policy definition."
Best regards,
Thomas
On Apr 14, 2016 17:03, "Stian Thorgersen" <sthorger(a)redhat.com> wrote:
I don't think the Google way is good for us as we'd need to
have a similar
page. Further, it wouldn't be correct to have a Keycloak page that
describes the policy for other companies. So we need to figure out what the
correct value should be I think.
On 14 April 2016 at 16:00, Thomas Raehalme <
thomas.raehalme(a)aitiofinland.com> wrote:
> W3C has the spec but since nobody is really using this I don't think the
> value matters. But instead of making up some policy definition I think that
> the Google way would be the best. What do you think?
>
> Best regards,
> Thomas
> On Apr 14, 2016 16:54, "Stian Thorgersen" <sthorger(a)redhat.com>
wrote:
>
>> I've got no clue what the value should be, tried to search on Google,
>> but doesn't make much sense to me.
>>
>> On 14 April 2016 at 15:30, Jukka Sirviö <Jukka.Sirvio(a)mipro.fi> wrote:
>>
>>> there is discussion on this issue, also on stack overflow
>>>
>>>
http://stackoverflow.com/questions/32120129/keycloak-is-causing-ie-to-hav...
>>>
>>> “Header always set P3P "CP=ALL DSP COR CUR ADM PSA CONi OUR SAM OTR UNR
>>> LEG"”
>>>
>>>
>>> Lähettäjä: keycloak-user-bounces(a)lists.jboss.org [mailto:
>>> keycloak-user-bounces(a)lists.jboss.org] Puolesta Thomas Raehalme
>>> Lähetetty: 14. huhtikuuta 2016 16:22
>>> Vastaanottaja: Stian Thorgersen
>>> Kopio: keycloak-user
>>> Aihe: Re: [keycloak-user] JavaScript client, iframe and IE
>>>
>>> I created KEYCLOAK-2828 for this issue and will do a PR as well.
>>>
>>> What do you think the value should be? As I wrote earlier it does not
>>> seem to make a difference to IE.
>>>
>>> Best regards,
>>> Thomas
>>>
>>>
>>> On Thu, Apr 14, 2016 at 4:16 PM, Stian Thorgersen
<sthorger(a)redhat.com>
>>> wrote:
>>> Can you create a JIRA for it please? If you fancy doing a PR you can
>>> add the header to LoginStatusIframeEndpoint.
>>>
>>> On 14 April 2016 at 15:09, Thomas Raehalme <
>>> thomas.raehalme(a)aitiofinland.com> wrote:
>>> On Thu, Apr 14, 2016 at 4:01 PM, Stian Thorgersen
<sthorger(a)redhat.com>
>>> wrote:
>>> What do you mean about "if the URL is something like"?
>>>
>>> The only iframe Keycloak uses is in the JavaScript adapter and it's
>>> only the session iframe. That would be the only place it would be relevant
>>> for Keycloak to set P3P header, but don't think it's need AFAIK it
works
>>> just fine on IE.
>>>
>>> Sorry for being a little too vague.
>>>
>>> Among other UIs our application has a web front-end based on AngularJS
>>> and it's utilizing the JavaScript adapter for authentication. When I
login
>>> to the application I can inspect the HTML and see an <iframe />
element
>>> with the following URL:
>>>
>>>
>>>
https://keycloak-server/auth/realms/xxxx/protocol/openid-connect/login-st...
>>>
>>> Without the P3P header there is an eternal loop between our web
>>> front-end and Keycloak where the browser is being redirected from one to
>>> the other. After adding the P3P header the problem was solved.
>>>
>>> Best regards,
>>> Thomas
>>>
>>>
>>>
>>> ________________________________
>>>
>>> Tämä sähköpostiviesti (liitteineen) saattaa sisältää luottamuksellista
>>> tietoa, joka on tarkoitettu
>>> vain vastaanottajalleen. Jos et ole oikea vastaanottaja, ilmoita
>>> viestin lähettäjälle tapahtuneesta
>>> virheestä ja tuhoa viesti välittömästi. Viestin luvaton julkaiseminen,
>>> kopioiminen, jakelu tai muu
>>> käyttö tai toimenpiteisiin ryhtyminen sen perusteella on ehdottomasti
>>> kielletty.
>>>
>>> This message (including any attachments) may contain confidential
>>> information intended for
>>> the person or entity to which it is addressed. If you are not the
>>> intended recipient, notify the
>>> sender and delete this message immediately. Notice that disclosing,
>>> copying, distributing or any
>>> other use of the message and its information, or taking any action
>>> based on it, is strictly prohibited.
>>>
>>> ________________________________
>>>
>>
>>