CMS Made Simple Forums

It's new, it's exiting and it bites your head off if you try to get it done, but here is how you can make CMS (or for that matter any site/forum) W3C P3P valid.

Sorry to only post a link to another site, but it was a lot of typing to get it there in the first place.

enjoy,

Ron

http://www.yabbforum.com/community/YaBB ... 1147812527

Well,

it still would be better to type:


"Active media file and link viewing is for registered members only !!  You need to Login or Register !!"


aaargh.


faglork

faglork wrote: Well,

it still would be better to type:


"Active media file and link viewing is for registered members only !!  You need to Login or Register !!"


aaargh.


faglork

Uhhh... you mean the links on YaBB forum are not visible for guests
Never thought of that (actually this is a new feature in YaBB preventing bots to spider messages for links).

I'll post the whole topic here then.

CROSSPOSTED FROM YABBFORUM

It's new, it's exiting, it's in most new browsers ...... and it is a major pain in the ass for most board/website owners.

Here's how you make your site/ board P3P valid (Privacy Policy)

You need to do some work to get it done, but at least your browser will not complain about it anymore.

In your webroot (the same place where you have your yabbfiles dir) create two new dirs:

1. Create a dir called /w3c

Inside this dir there is a file called p3p.xlm which holds the reference to your privacy policy statement

This files could look like this:

http://www.w3.org/2002/01/P3Pv1">



   
/*
/cgi-bin/*
   

And shows the browser where the real policy xml set is found (in this example in a dir called privacy in the file policy.xml)
The anchor refers to the first policy set inside this xml file (you could have multiple policies for different parts of your site).

Ok, one down, two to go:

2. Create another dir (in the example /privacy but this could be called whatever you like as long as you refer to it in the p3p.xml file).

Inside this dir you must at least have one xml file (called privacy.xml in the example, but again this name is free to choose as long as the reference is set to it in p3p.xml)

This xml file should at least have the following elements:

http://www.w3.org/2002/01/P3Pv1">
   

   
   


   
   
   
1
333
8888888
privacy@*****.net
http://www.*****.net;
Spikecity.net Services
   
   

   
   

   
   

I fyou have questions about our privacy rules, please send an email to privacy@******.net.
   

   

   
   




   
   We keep a standard log for access and system administration, and also for development purposes. This information will not be used for any other purposes and will not be sold, forwarded or released to any third party.

   
   

   
   

   
   

   
   
   
   
   
   



   
   




   
   We only register the data you entered in the fill out form to be able to serve you best and to give other members an idea of who you are (which you are free to fill out or leave blank).

   
   

   
   

   
   

   
   
   
   
   
   
   


   
   




   
   We only use your email address to send mail to you if requested. Your address will not be sold, forwarde or released to any third party.

   
   

   
   

   
   

   
   
   
   
   

This is only the xml file that gives the users browser an idea what kind of stuff is requested and what it is used for.

So in order to make it complete you also need a human readable policy declaration.

(cont in next message)

3. In the example privacy.xml from my site you will see a reference in the  and   elements which point to a human readable page on my CMS system where users can read in plain text what our privacy statement and dispute reolution is.

This can be the same page twice if your policy and dispute resolution are on the same page, but they could be two different pages

Make sure this/thess page(s) exists and is/are accesible as the validator will check it !!

Almost there, as there is one thing you need to do.

4. You will have to set a html reference tag inside the .... section of you website/YaBB template.

this looks like:

http://www.********.net/w3c/p3p.xml">

and which points to the full url of  w3c/p3p.xml on your website.

If all is done well and no typoos are made you should be able to run your site through the validator and get the all clear sign.

5. http://www.w3.org/P3P/validator.html

6. There is another thing you can also add, which is adding a short P3P header into the webserver output (which is a shorthand version of the privacy.xml file above) but as not all server accept custom headers and even less server accept non recognised metadata entries this is not mandatory if you use the link reference method.

And a valid site report looks like this (don't get scared on the URI as it is just a CMS IFRAME calling YaBB.pl ):

Results of P3P validation
Target URI: http://www.spikecity.net/index.php?page=forum


--------------------------------------------------------------------------------


Step 1: /w3c/p3p.xml Validation

URI: http://www.spikecity.net/w3c/p3p.xml

Step 1-1: Access check

/w3c/p3p.xml can be retrieved.

Message: The content type of /w3c/p3p.xml is application/xml.

Step 1-2: Syntax check

/w3c/p3p.xml has no syntax errors.

Step 1-3: Policy URI check

/w3c/p3p.xml has no warnings or errors.

Message: P3P policy indicated at line 5 can be accessed.


P3P policy for http://www.spikecity.net/index.php?page=forum is [http://www.spikecity.net/privacy/policy.xml#policy]


--------------------------------------------------------------------------------


Step 2: HTTP Protocol Validation ( HTTP headers )

HTTP headers have no P3P: header.


--------------------------------------------------------------------------------


Step 3: HTML File Validation

HTML document is P3P compliant.

Message: HTML document has P3P compliant element.

http://www.spikecity.net/w3c/p3p.xml">
--------------------------------------------------------------------------------


Step 4: Policy File Validation

URI: http://www.spikecity.net/privacy/policy.xml#policy

Step 4-1: Syntax check

Policy file has no syntax errors.

Step 4-2: Vocabulary check

Policy file has no vocabulary errors.

Step 4-3: Link check

Policy file has no link errors.

Message: line 8: discuri attribute of element can be accessed.

Message: line 26: service attribute of element can be accessed.