Sunday 27th January 08
Security on the internet is big business. Browser vendors spend a lot of time making sure the browser does everything it can to make the internet a safer place. Sometimes though the moves they make don't seem to actually help anyone.
I recently had the joy of trying to work out how to make IE7 play nicely with cross sub-domain cookies. In particular, how to make a "compact privacy policy" for a domain so that we could set cookies under the "Medium" privacy setting (which is the default) and have them available on a different part of our site. This led me into the minefield that is P3P.
After a couple of hours reading rather confusing and messy documentation I finally found out that a compact privacy policy is just a header, specific to your site, that you have to send whenever you set a cookie. The next problem is creating your policy. After fruitless searching for an online creator I settled on downloading the IBM P3P Editor.
Once I had added the cookie support and ticked the relevant check-boxes through the maze of property windows I had finally generated our compact privacy policy, which looked something like P3P: CP="CAO DSP COR CURa ADMa DEVa CONa OUR LEG UNI" and which is shorthand for what our full privacy policy says.
Adding this as an HTTP header on the same response that sets the cookie now makes our cookies work across sub-domains in IE7. So why was that so much hard work? If we set our cookies for .domain.dom we want them to be available on all sub-domains; what is wrong with that?
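To make the mechanism above concrete, here is an added example (not code from the original post; the post does not name its server stack, so Python is assumed) that builds the two headers a response needs when it sets a cross sub-domain cookie: the Set-Cookie header and the P3P header carrying the compact policy string the post generated. The function and variable names are my own. It also includes a small check you can run over a captured set of response headers to confirm that every response which sets a cookie also carries a compact policy, which is the thing that is easy to forget on one of several sub-domains.

```python
import re

# The compact policy quoted in the post, used here as sample input.
EXAMPLE_CP = "CAO DSP COR CURa ADMa DEVa CONa OUR LEG UNI"

# A compact policy token is three upper-case letters, optionally followed by
# a/i/o (always / opt-in / opt-out) on purpose and recipient tokens (e.g. CURa).
TOKEN_RE = re.compile(r"^[A-Z]{3}[aio]?$")

# Characters that must never appear in a cookie name or value we emit, since
# they would let an attacker-controlled value inject extra headers or attributes.
FORBIDDEN_COOKIE_CHARS = re.compile(r"[;\r\n]")


def p3p_header_value(compact_policy):
    """Return the value for the P3P header, rejecting malformed tokens."""
    tokens = compact_policy.split()
    bad = [t for t in tokens if not TOKEN_RE.match(t)]
    if bad:
        raise ValueError("malformed compact policy tokens: %r" % bad)
    return 'CP="%s"' % " ".join(tokens)


def parse_p3p_header(value):
    """Extract the compact policy tokens from a P3P header value."""
    match = re.search(r'CP="([^"]*)"', value)
    if not match:
        raise ValueError("no CP= compact policy in P3P header: %r" % value)
    return match.group(1).split()


def cross_subdomain_cookie_headers(name, value, domain, compact_policy,
                                   path="/", secure=True, http_only=True):
    """Build the headers for a cookie scoped to a parent domain (e.g. .example.com).

    Returns a list of (header, value) tuples: the Set-Cookie header and the
    P3P header that IE7 expects on the same response.
    """
    for field in (name, value):
        if FORBIDDEN_COOKIE_CHARS.search(field):
            raise ValueError("unsafe character in cookie name/value: %r" % field)
    parts = ["%s=%s" % (name, value), "Domain=%s" % domain, "Path=%s" % path]
    if secure:
        parts.append("Secure")
    if http_only:
        parts.append("HttpOnly")
    return [("Set-Cookie", "; ".join(parts)),
            ("P3P", p3p_header_value(compact_policy))]


def cookie_responses_carry_policy(headers):
    """Check a response's headers: if any cookie is set, a P3P CP header must be present.

    Returns True when the response sets no cookie at all, or sets cookies and
    carries a parseable compact policy; False otherwise.
    """
    sets_cookie = any(h.lower() == "set-cookie" for h, _ in headers)
    if not sets_cookie:
        return True
    for header, value in headers:
        if header.lower() == "p3p":
            try:
                return len(parse_p3p_header(value)) > 0
            except ValueError:
                return False
    return False


if __name__ == "__main__":
    # Constructed sample: a session cookie for the parent domain .example.com.
    for header, value in cross_subdomain_cookie_headers(
            "session", "abc123", ".example.com", EXAMPLE_CP):
        print("%s: %s" % (header, value))
```

The checker is deliberately strict: a Set-Cookie with no P3P header, or a P3P header without a CP= compact policy, both count as failures, because under IE7's default "Medium" setting that is exactly the response whose cookie gets silently dropped on the other sub-domain.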