Feb 16, 2011

IE + ajax + HTTP 408

We (Nilobol and I) have found that ajax requests on IE occasionally fail.

Here is what we have found:
- The request is sent out
- But we never get a reply back from the server
- The server actually sees the request, but it responds with HTTP 408 (request timeout)

Right now we are working on this problem. We have found some threads saying that it is because of the header Connection: keep-alive; IE has a problem with its implementation.

We are changing all ajax requests to use Connection: close (on both clients and server).

We are confirming the result, but it looks good now.

Cookies enabled on IE (P3P)

I have been encountering the problem of using cookies on IE for a while.

The problem surfaces because a Facebook app runs in an iframe. Therefore, IE treats its cookie as a third-party cookie.

In IE, one can set the privacy option to high. This means that, without a privacy policy, IE won't allow you to use cookies.

* Privacy Policy is a W3C standard, which only IE takes seriously.

We have found a way to make cookies work even when users set the privacy to the second-highest option. (Even Hotmail does not work.)

We have to use these compact policies: NOI COR PSA OUR IND OTC

Here are their meanings:

NOI = Web site does not collect identified data.
COR = Errors or wrongful actions arising in connection with the privacy policy will be remedied by the service.
PSA = Information may be used to create or build a record of a particular individual or computer that is tied to a pseudonymous identifier, without tying identified data
OUR = Ourselves and/or entities acting as our agents or entities for whom we are acting as an agent. (I don't know what this means)
IND = Information is retained for an indeterminate period of time. The absence of a retention policy would be reflected under this option. Where the recipient is a public fora, this is the appropriate retention policy. (This is to use never-expiring cookies.)
OTC = Other types of data not captured by the above definitions. (This says that we won't contact users in the real world or online world, which is a lie because we contact users by their emails.)

Basically, these compact policies say that we don't identify users, which is a lie because we have users' facebook id.


But, hey, it works ...
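
The two workarounds above, as an added example that is not code from the original posts: it builds the response headers (the compact policy travels in a `P3P: CP="..."` header alongside the cookie, and ajax responses get `Connection: close`) and checks captured responses for them. The function names, the `ajax` flag, and the sample responses are assumptions constructed for illustration.

```javascript
// Added example; not the authors' code. Tokens are the ones quoted in the post.
const COMPACT_POLICY = ['NOI', 'COR', 'PSA', 'OUR', 'IND', 'OTC'];

// Headers a server adds to a response under the two workarounds.
// How the server recognises an ajax request is left to the caller (assumption).
function workaroundHeaders(isAjax, setsCookie) {
  const headers = {};
  if (setsCookie) headers['P3P'] = 'CP="' + COMPACT_POLICY.join(' ') + '"';
  if (isAjax) headers['Connection'] = 'close';
  return headers;
}

// Extract the compact policy tokens from a P3P header value.
// The header may also carry policyref="..."; only CP="..." is read here.
function parseCompactPolicy(value) {
  const m = /(?:^|[,\s])CP\s*=\s*"([^"]*)"/i.exec(value || '');
  return m ? m[1].trim().split(/\s+/).filter(Boolean) : [];
}

// Check one captured response (header names lower-cased) for both workarounds.
function checkResponse(resp) {
  const problems = [];
  const h = resp.headers;
  if (h['set-cookie']) {
    const tokens = parseCompactPolicy(h['p3p']);
    const missing = COMPACT_POLICY.filter((t) => !tokens.includes(t));
    if (tokens.length === 0) problems.push('cookie set without a P3P compact policy');
    else if (missing.length) problems.push('compact policy lacks: ' + missing.join(' '));
  }
  if (resp.ajax && (h['connection'] || '').toLowerCase() !== 'close') {
    problems.push('ajax response without Connection: close');
  }
  return problems;
}

// Constructed sample responses (not captured from a real site).
const SAMPLES = [
  { ajax: true, headers: { 'set-cookie': 'sid=abc', 'p3p': 'CP="NOI COR PSA OUR IND OTC"', 'connection': 'close' } },
  { ajax: true, headers: { 'set-cookie': 'sid=abc', 'connection': 'keep-alive' } },
  { ajax: false, headers: { 'set-cookie': 'sid=abc', 'p3p': 'CP="NOI COR"' } },
];

function auditSamples() {
  return SAMPLES.map((r) => checkResponse(r));
}

console.log(workaroundHeaders(true, true), auditSamples());
```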