That's why it's a brilliant piece of passive-aggressive engineering!
It undermines both the letter and intent of P3P, while ostensibly informing the user. The exact same string is a lie to the protocol, but the truth when read by a person outside of the protocol-context!
It's kind of like a file that's both a legal and harmless GIF and a malicious executable Java JAR. (Look up [GIFAR vulnerability] for more details.)
That's why it's a brilliant piece of passive-aggressive engineering!
It undermines both the letter and intent of P3P, while ostensibly informing the user. The exact same string is a lie to the protocol, but the truth when read by a person outside of the protocol-context!
It's kind of like a file that's both a legal and harmless GIF and a malicious executable Java JAR. (Look up [GIFAR vulnerability] for more details.)