diff options
Diffstat (limited to 'BKUOnline/src')
| -rw-r--r-- | BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/MoccaParameterBean.java | 2 | ||||
| -rw-r--r-- | BKUOnline/src/main/webapp/w3c/p3p.xml | 8 | ||||
| -rw-r--r-- | BKUOnline/src/main/webapp/w3c/policy.html | 49 | ||||
| -rw-r--r-- | BKUOnline/src/main/webapp/w3c/policy.xml | 58 | 
4 files changed, 116 insertions, 1 deletions
| diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/MoccaParameterBean.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/MoccaParameterBean.java index 74d6515d..9cb9360c 100644 --- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/MoccaParameterBean.java +++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/MoccaParameterBean.java @@ -67,7 +67,7 @@ public class MoccaParameterBean {    public static final String PARAM_LOCALE = "locale";    public static final Pattern PATTERN_LOCALE = Pattern.compile("[a-zA-Z][a-zA-Z](_[a-zA-Z][a-zA-Z]){0,2}"); -  public static final String P3P_POLICY = "CP=\"NON DSP COR CUR ADM DEV TAI PSA PSD OUR DEL IND UNI COM NAV INT CNT STA\""; +  public static final String P3P_POLICY = "policyref=\"w3c/p3p.xml\", CP=\"NON DSP COR CUR ADM DEV TAI PSA PSD OUR DEL IND UNI COM NAV INT CNT STA\"";    private Charset charset = Charset.forName("ISO-8859-1"); diff --git a/BKUOnline/src/main/webapp/w3c/p3p.xml b/BKUOnline/src/main/webapp/w3c/p3p.xml new file mode 100644 index 00000000..998aa52d --- /dev/null +++ b/BKUOnline/src/main/webapp/w3c/p3p.xml @@ -0,0 +1,8 @@ +<META xmlns="http://www.w3.org/2002/01/P3Pv1"> +	<POLICY-REFERENCES> +		<POLICY-REF about="policy.xml#Policy"> +			<INCLUDE>*</INCLUDE> +			<COOKIE-INCLUDE name="*" value="*" domain="*" path="*" /> +		</POLICY-REF> +	</POLICY-REFERENCES> +</META> diff --git a/BKUOnline/src/main/webapp/w3c/policy.html b/BKUOnline/src/main/webapp/w3c/policy.html new file mode 100644 index 00000000..24ac3acd --- /dev/null +++ b/BKUOnline/src/main/webapp/w3c/policy.html @@ -0,0 +1,49 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" +       "http://www.w3.org/TR/html4/loose.dtd"> +<html> +<head> +<title>Privacy Policy</title> +</head> +<body> +	<strong>About Us</strong> This is a privacy policy for MOCCA. Our +	homepage on the Web is located at https://www.egiz.gv.at/. We invite +	you to contact us if you have questions about this policy. You may +	contact us by e-mail at post@egiz.gv.at. Dispute Resolution If you +	think we have not followed our privacy policy in some way, they can +	help you resolve your concern. Additional Information This policy is +	valid for 1 day from the time that it is loaded by a client. Data +	Collection P3P policies declare the data they collect in groups (also +	referred to as "statements"). HTTP protocol elements This data will be +	used for the following purposes: Completion and support of the current +	activity. Web site and system administration. Research and development. +	One-time Tailoring. Pseudonymous Analysis. Pseudonymous Decision. This +	data will be used by ourselves and our agents. The following +	explanation is provided for why this data is collected: Our Web server +	collects access logs containing this information. Cookies Cookies are a +	technology which can be used to provide you with tailored information +	from a Web site. A cookie is an element of data that a Web site can +	send to your browser, which may then store it on your system. You can +	set your browser to notify you when you receive a cookie, giving you +	the chance to decide whether to accept it. Compact Policy Summary P3P +	compact policies are a form of a P3P policy which summarizes what the +	policy says about cookies. Since this policy does not mention any use +	of cookies, there is no compact policy form of this policy. A policy +	mentions use of cookies if the data element "HTTP Cookies" is in any +	group in the policy. This data element is found under "Dynamic data". +	Policy Evaluation Microsoft Internet Explorer 6 will evaluate this +	policy's compact policy whenever it is used with a cookie. The actions +	IE will take depend on what privacy level the user has selected in +	their browser (Low, Medium, Medium High, or High; the default is +	Medium. In addition, IE will examine whether the cookie's policy is +	considered satisfactory or unsatisfactory, whether the cookie is a +	session cookie or a persistent cookie, and whether the cookie is used +	in a first-party or third-party context. This section will attempt to +	evaluate this policy's compact policy against Microsoft's stated +	behavior for IE6. Note: this evaluation is currently experimental and +	should not be considered a substitute for testing with a real Web +	browser. Satisfactory policy: this compact policy is considered +	satisfactory according to the rules defined by Internet Explorer 6. IE6 +	will accept cookies accompanied by this policy under the High, Medium +	High, Medium, Low, and Accept All Cookies settings. +</body> +</html>
\ No newline at end of file diff --git a/BKUOnline/src/main/webapp/w3c/policy.xml b/BKUOnline/src/main/webapp/w3c/policy.xml new file mode 100644 index 00000000..d2dc8c97 --- /dev/null +++ b/BKUOnline/src/main/webapp/w3c/policy.xml @@ -0,0 +1,58 @@ +<?xml version="1.0"?> +<POLICIES xmlns="http://www.w3.org/2002/01/P3Pv1"> +	<EXPIRY max-age="86400" /> + +	<POLICY name="Policy" discuri="policy.html" xml:lang="en"> + +		<ENTITY> +			<DATA-GROUP> +				<DATA ref="#business.contact-info.online.email">post@egiz.gv.at</DATA> +				<DATA ref="#business.contact-info.online.uri">https://www.egiz.gv.at/</DATA> +				<DATA ref="#business.name">EGIZ</DATA> +			</DATA-GROUP> +		</ENTITY> + +		<ACCESS> +			<ident-contact /> +		</ACCESS> + +		<DISPUTES-GROUP> +			<DISPUTES resolution-type="service" +				service="https://www.egiz.gv.at/plain/ueber_egiz/kontakt"> +				<REMEDIES> +					<correct /> +				</REMEDIES> +			</DISPUTES> +		</DISPUTES-GROUP> + +		<STATEMENT> +			<CONSEQUENCE>Our Web server collects access logs containing this +				information.</CONSEQUENCE> + +			<PURPOSE> +				<current /> +				<admin /> +				<develop /> +				<tailoring /> +				<pseudo-analysis /> +				<pseudo-decision /> +			</PURPOSE> + +			<RECIPIENT> +				<ours /> +				<delivery /> +			</RECIPIENT> + +			<RETENTION> +				<indefinitely /> +			</RETENTION> + +			<DATA-GROUP> +				<DATA ref="#dynamic.clickstream" /> +				<DATA ref="#dynamic.http" /> +			</DATA-GROUP> + +		</STATEMENT> + +	</POLICY> +</POLICIES> | 
