summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/MoccaParameterBean.java2
-rw-r--r--BKUOnline/src/main/webapp/w3c/p3p.xml8
-rw-r--r--BKUOnline/src/main/webapp/w3c/policy.html49
-rw-r--r--BKUOnline/src/main/webapp/w3c/policy.xml58
4 files changed, 116 insertions, 1 deletions
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/MoccaParameterBean.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/MoccaParameterBean.java
index 74d6515d..9cb9360c 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/MoccaParameterBean.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/MoccaParameterBean.java
@@ -67,7 +67,7 @@ public class MoccaParameterBean {
public static final String PARAM_LOCALE = "locale";
public static final Pattern PATTERN_LOCALE = Pattern.compile("[a-zA-Z][a-zA-Z](_[a-zA-Z][a-zA-Z]){0,2}");
- public static final String P3P_POLICY = "CP=\"NON DSP COR CUR ADM DEV TAI PSA PSD OUR DEL IND UNI COM NAV INT CNT STA\"";
+ public static final String P3P_POLICY = "policyref=\"w3c/p3p.xml\", CP=\"NON DSP COR CUR ADM DEV TAI PSA PSD OUR DEL IND UNI COM NAV INT CNT STA\"";
private Charset charset = Charset.forName("ISO-8859-1");
diff --git a/BKUOnline/src/main/webapp/w3c/p3p.xml b/BKUOnline/src/main/webapp/w3c/p3p.xml
new file mode 100644
index 00000000..998aa52d
--- /dev/null
+++ b/BKUOnline/src/main/webapp/w3c/p3p.xml
@@ -0,0 +1,8 @@
+<META xmlns="http://www.w3.org/2002/01/P3Pv1">
+ <POLICY-REFERENCES>
+ <POLICY-REF about="policy.xml#Policy">
+ <INCLUDE>*</INCLUDE>
+ <COOKIE-INCLUDE name="*" value="*" domain="*" path="*" />
+ </POLICY-REF>
+ </POLICY-REFERENCES>
+</META>
diff --git a/BKUOnline/src/main/webapp/w3c/policy.html b/BKUOnline/src/main/webapp/w3c/policy.html
new file mode 100644
index 00000000..24ac3acd
--- /dev/null
+++ b/BKUOnline/src/main/webapp/w3c/policy.html
@@ -0,0 +1,49 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
+ "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+<title>Privacy Policy</title>
+</head>
+<body>
+ <strong>About Us</strong> This is a privacy policy for MOCCA. Our
+ homepage on the Web is located at https://www.egiz.gv.at/. We invite
+ you to contact us if you have questions about this policy. You may
+ contact us by e-mail at post@egiz.gv.at. Dispute Resolution If you
+ think we have not followed our privacy policy in some way, they can
+ help you resolve your concern. Additional Information This policy is
+ valid for 1 day from the time that it is loaded by a client. Data
+ Collection P3P policies declare the data they collect in groups (also
+ referred to as "statements"). HTTP protocol elements This data will be
+ used for the following purposes: Completion and support of the current
+ activity. Web site and system administration. Research and development.
+ One-time Tailoring. Pseudonymous Analysis. Pseudonymous Decision. This
+ data will be used by ourselves and our agents. The following
+ explanation is provided for why this data is collected: Our Web server
+ collects access logs containing this information. Cookies Cookies are a
+ technology which can be used to provide you with tailored information
+ from a Web site. A cookie is an element of data that a Web site can
+ send to your browser, which may then store it on your system. You can
+ set your browser to notify you when you receive a cookie, giving you
+ the chance to decide whether to accept it. Compact Policy Summary P3P
+ compact policies are a form of a P3P policy which summarizes what the
+ policy says about cookies. Since this policy does not mention any use
+ of cookies, there is no compact policy form of this policy. A policy
+ mentions use of cookies if the data element "HTTP Cookies" is in any
+ group in the policy. This data element is found under "Dynamic data".
+ Policy Evaluation Microsoft Internet Explorer 6 will evaluate this
+ policy's compact policy whenever it is used with a cookie. The actions
+ IE will take depend on what privacy level the user has selected in
+ their browser (Low, Medium, Medium High, or High; the default is
+ Medium. In addition, IE will examine whether the cookie's policy is
+ considered satisfactory or unsatisfactory, whether the cookie is a
+ session cookie or a persistent cookie, and whether the cookie is used
+ in a first-party or third-party context. This section will attempt to
+ evaluate this policy's compact policy against Microsoft's stated
+ behavior for IE6. Note: this evaluation is currently experimental and
+ should not be considered a substitute for testing with a real Web
+ browser. Satisfactory policy: this compact policy is considered
+ satisfactory according to the rules defined by Internet Explorer 6. IE6
+ will accept cookies accompanied by this policy under the High, Medium
+ High, Medium, Low, and Accept All Cookies settings.
+</body>
+</html> \ No newline at end of file
diff --git a/BKUOnline/src/main/webapp/w3c/policy.xml b/BKUOnline/src/main/webapp/w3c/policy.xml
new file mode 100644
index 00000000..d2dc8c97
--- /dev/null
+++ b/BKUOnline/src/main/webapp/w3c/policy.xml
@@ -0,0 +1,58 @@
+<?xml version="1.0"?>
+<POLICIES xmlns="http://www.w3.org/2002/01/P3Pv1">
+ <EXPIRY max-age="86400" />
+
+ <POLICY name="Policy" discuri="policy.html" xml:lang="en">
+
+ <ENTITY>
+ <DATA-GROUP>
+ <DATA ref="#business.contact-info.online.email">post@egiz.gv.at</DATA>
+ <DATA ref="#business.contact-info.online.uri">https://www.egiz.gv.at/</DATA>
+ <DATA ref="#business.name">EGIZ</DATA>
+ </DATA-GROUP>
+ </ENTITY>
+
+ <ACCESS>
+ <ident-contact />
+ </ACCESS>
+
+ <DISPUTES-GROUP>
+ <DISPUTES resolution-type="service"
+ service="https://www.egiz.gv.at/plain/ueber_egiz/kontakt">
+ <REMEDIES>
+ <correct />
+ </REMEDIES>
+ </DISPUTES>
+ </DISPUTES-GROUP>
+
+ <STATEMENT>
+ <CONSEQUENCE>Our Web server collects access logs containing this
+ information.</CONSEQUENCE>
+
+ <PURPOSE>
+ <current />
+ <admin />
+ <develop />
+ <tailoring />
+ <pseudo-analysis />
+ <pseudo-decision />
+ </PURPOSE>
+
+ <RECIPIENT>
+ <ours />
+ <delivery />
+ </RECIPIENT>
+
+ <RETENTION>
+ <indefinitely />
+ </RETENTION>
+
+ <DATA-GROUP>
+ <DATA ref="#dynamic.clickstream" />
+ <DATA ref="#dynamic.http" />
+ </DATA-GROUP>
+
+ </STATEMENT>
+
+ </POLICY>
+</POLICIES>