4 files changed, 116 insertions, 1 deletions

diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/MoccaParameterBean.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/MoccaParameterBean.java
index 74d6515d..9cb9360c 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/MoccaParameterBean.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/MoccaParameterBean.java
@@ -67,7 +67,7 @@ public class MoccaParameterBean {
   public static final String PARAM_LOCALE = "locale";
   public static final Pattern PATTERN_LOCALE = Pattern.compile("[a-zA-Z][a-zA-Z](_[a-zA-Z][a-zA-Z]){0,2}");
 
-  public static final String P3P_POLICY = "CP=\"NON DSP COR CUR ADM DEV TAI PSA PSD OUR DEL IND UNI COM NAV INT CNT STA\"";
+  public static final String P3P_POLICY = "policyref=\"w3c/p3p.xml\", CP=\"NON DSP COR CUR ADM DEV TAI PSA PSD OUR DEL IND UNI COM NAV INT CNT STA\"";
 
   private Charset charset = Charset.forName("ISO-8859-1");
   
diff --git a/BKUOnline/src/main/webapp/w3c/p3p.xml b/BKUOnline/src/main/webapp/w3c/p3p.xml
new file mode 100644
index 00000000..998aa52d
--- /dev/null
+++ b/BKUOnline/src/main/webapp/w3c/p3p.xml
@@ -0,0 +1,8 @@
+<META xmlns="http://www.w3.org/2002/01/P3Pv1">
+	<POLICY-REFERENCES>
+		<POLICY-REF about="policy.xml#Policy">
+			<INCLUDE>*</INCLUDE>
+			<COOKIE-INCLUDE name="*" value="*" domain="*" path="*" />
+		</POLICY-REF>
+	</POLICY-REFERENCES>
+</META>
diff --git a/BKUOnline/src/main/webapp/w3c/policy.html b/BKUOnline/src/main/webapp/w3c/policy.html
new file mode 100644
index 00000000..24ac3acd
--- /dev/null
+++ b/BKUOnline/src/main/webapp/w3c/policy.html
@@ -0,0 +1,49 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
+       "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+<title>Privacy Policy</title>
+</head>
+<body>
+	<strong>About Us</strong> This is a privacy policy for MOCCA. Our
+	homepage on the Web is located at https://www.egiz.gv.at/. We invite
+	you to contact us if you have questions about this policy. You may
+	contact us by e-mail at post@egiz.gv.at. Dispute Resolution If you
+	think we have not followed our privacy policy in some way, they can
+	help you resolve your concern. Additional Information This policy is
+	valid for 1 day from the time that it is loaded by a client. Data
+	Collection P3P policies declare the data they collect in groups (also
+	referred to as "statements"). HTTP protocol elements This data will be
+	used for the following purposes: Completion and support of the current
+	activity. Web site and system administration. Research and development.
+	One-time Tailoring. Pseudonymous Analysis. Pseudonymous Decision. This
+	data will be used by ourselves and our agents. The following
+	explanation is provided for why this data is collected: Our Web server
+	collects access logs containing this information. Cookies Cookies are a
+	technology which can be used to provide you with tailored information
+	from a Web site. A cookie is an element of data that a Web site can
+	send to your browser, which may then store it on your system. You can
+	set your browser to notify you when you receive a cookie, giving you
+	the chance to decide whether to accept it. Compact Policy Summary P3P
+	compact policies are a form of a P3P policy which summarizes what the
+	policy says about cookies. Since this policy does not mention any use
+	of cookies, there is no compact policy form of this policy. A policy
+	mentions use of cookies if the data element "HTTP Cookies" is in any
+	group in the policy. This data element is found under "Dynamic data".
+	Policy Evaluation Microsoft Internet Explorer 6 will evaluate this
+	policy's compact policy whenever it is used with a cookie. The actions
+	IE will take depend on what privacy level the user has selected in
+	their browser (Low, Medium, Medium High, or High; the default is
+	Medium. In addition, IE will examine whether the cookie's policy is
+	considered satisfactory or unsatisfactory, whether the cookie is a
+	session cookie or a persistent cookie, and whether the cookie is used
+	in a first-party or third-party context. This section will attempt to
+	evaluate this policy's compact policy against Microsoft's stated
+	behavior for IE6. Note: this evaluation is currently experimental and
+	should not be considered a substitute for testing with a real Web
+	browser. Satisfactory policy: this compact policy is considered
+	satisfactory according to the rules defined by Internet Explorer 6. IE6
+	will accept cookies accompanied by this policy under the High, Medium
+	High, Medium, Low, and Accept All Cookies settings.
+</body>
+</html>
\ No newline at end of file
diff --git a/BKUOnline/src/main/webapp/w3c/policy.xml b/BKUOnline/src/main/webapp/w3c/policy.xml
new file mode 100644
index 00000000..d2dc8c97
--- /dev/null
+++ b/BKUOnline/src/main/webapp/w3c/policy.xml
@@ -0,0 +1,58 @@
+<?xml version="1.0"?>
+<POLICIES xmlns="http://www.w3.org/2002/01/P3Pv1">
+	<EXPIRY max-age="86400" />
+
+	<POLICY name="Policy" discuri="policy.html" xml:lang="en">
+
+		<ENTITY>
+			<DATA-GROUP>
+				<DATA ref="#business.contact-info.online.email">post@egiz.gv.at</DATA>
+				<DATA ref="#business.contact-info.online.uri">https://www.egiz.gv.at/</DATA>
+				<DATA ref="#business.name">EGIZ</DATA>
+			</DATA-GROUP>
+		</ENTITY>
+
+		<ACCESS>
+			<ident-contact />
+		</ACCESS>
+
+		<DISPUTES-GROUP>
+			<DISPUTES resolution-type="service"
+				service="https://www.egiz.gv.at/plain/ueber_egiz/kontakt">
+				<REMEDIES>
+					<correct />
+				</REMEDIES>
+			</DISPUTES>
+		</DISPUTES-GROUP>
+
+		<STATEMENT>
+			<CONSEQUENCE>Our Web server collects access logs containing this
+				information.</CONSEQUENCE>
+
+			<PURPOSE>
+				<current />
+				<admin />
+				<develop />
+				<tailoring />
+				<pseudo-analysis />
+				<pseudo-decision />
+			</PURPOSE>
+
+			<RECIPIENT>
+				<ours />
+				<delivery />
+			</RECIPIENT>
+
+			<RETENTION>
+				<indefinitely />
+			</RETENTION>
+
+			<DATA-GROUP>
+				<DATA ref="#dynamic.clickstream" />
+				<DATA ref="#dynamic.http" />
+			</DATA-GROUP>
+
+		</STATEMENT>
+
+	</POLICY>
+</POLICIES>