I have a shopping cart application that is called by various web sites. We set a cookie with nothing more than a basic UID to keep track of a shopping cart file - no personal information is collected. However, now IE is failing to function with many of my web sites due to some new policy restrictions and their default security level.
I have implemented a policy file, and had it validated and it appears to be fine.
"Medium: Opt-out is not provided for all unsatisfactory purposes and recipients, so the cookie will be blocked."
I am not sure if I should use a <link xxx> reference but I am also implementing the file in the proper w3c/p3p.xml location, so IE is reading it. What about some sort of META tag in the header to help it accept cookies? What's the easiest meta tag I can implement that will ensure the cookie is set with the widest variety of security settings?
Since IE is set to medium, it's blocking the cookie. I do not know where this "opt-out" thing that needs to be specified goes.... Can anyone help????