PrivacySetZonePreferenceW function

Sets the privacy settings for a given URLZONE and PrivacyType.


DWORD PrivacySetZonePreferenceW(
  _In_ DWORD   dwZone,
  _In_ DWORD   dwType,
  _In_ DWORD   dwTemplate,
  _In_ LPCWSTR pszPreference


  • dwZone [in]
    A value of type DWORD that specifies the URLZONE for which privacy settings are being set.

  • dwType [in]
    A value of type DWORD that specifies the PrivacyType for which privacy settings are being set.

  • dwTemplate [in]
    A value of type DWORD that specifies which of the PrivacyTemplates is used to set the privacy settings.

  • pszPreference [in]
    If dwTemplate is set to PRIVACY_TEMPLATE_CUSTOM, this parameter is the string representation of the custom preferences. Otherwise, it should be set to NULL. A description of this string representation is included in the Remarks section.

Return value

Returns zero if successful. Otherwise, one of the errors defined in winerr.h is returned.


These privacy settings for the Internet zone are found on the Privacy tab of the Internet Options dialog box.

To set the privacy options for the URLZONE_INTERNET, you must set the PrivacyTemplates for each PrivacyType. The slider on the Privacy Menu in Internet Options moves only if privacy is set for each PrivacyType.

Use the pszPreference parameter to set custom privacy preferences for a given URLZONE and PrivacyType. The pszPreference parameter can contain a series of rules that describe the privacy preferences. It is important to note that the rules must be separated by white space; but the rules themselves cannot contain white space. The pszPreference has the following structure where there are multiple logical rules.

<signature> <logical-rule> <special-rule>

Currently, the signature must be set to IE6-P3PSettings/V1:.

Logical rules have the following format.


An expression is a Boolean statement composed of compact policy tokens using the logical AND operator (&) and the logical NOT operator (!). A compact policy token is case-sensitive. (For more information on Platform for Privacy Preferences (P3P) privacy policies and compact policy tokens, see the W3C: Platform for Privacy Preferences (P3P) Project specification.)

The decision is a single lower-case character that defines the action to take on the cookie compact policy contains a specified token. The following table lists valid decision characters.

Character Definition
a Accept cookie.
p Prompt user to accept or deny the cookie.
r Reject the cookie.
l Leash the cookie (only send it in a first-party context).
d Downgrade a persistent cookie to a session cookie.

Logical rules are evaluated in the order that they are listed. The first logical rule to be matched, if any, determines the cookie action.

An empty expression is also allowed. If an expression is empty, the left side of a rule evaluates to true. An empty expression can be used at the end of a set of rules to catch any situations that do not fall into the other categories.

The following examples show valid logical rules.

    Deny a cookie whose compact policy contains the DEM token
    Accept a cookie whose compact policy contains the CON token 
    and does not contain the TEL token
    Accept all cookies

Special rules are defined using the nopolicy symbol, the session symbol, and the always symbol. The nopolicy symbol is used to specify the cookie action when there is no compact policy. For example, nopolicy=d specifies to downgrade all cookies without a compact policy to session cookies. The session symbol specifies the action to take on session cookies and can only be set to a. When session=a is specified, all session cookies are accepted, regardless of the content of the compact policy. If this rule is not specified, session cookies are subject to the same rules as persistent cookies. The always symbol is used to specify to perform the same action for everything. For example, always=d specifies to deny all cookies regardless of the existence of a compact policy. Note that always=d is equivalent to /=d/.

The following example shows a privacy preferences string that specifies several compact policies.

  1. Accept cookies where the compact policy contains a FIN/CONi token pair.
  2. Reject cookies with compact policies containing a FIN/CON token pair, a FIN/CONo token pair, a FIN/CONa token pair, and a GOV/PUB token pair, or a TEL token.
  3. Prompt the user when a cookie compact policy contains the UNR token.
  4. Downgrade cookies without a compact policy to session cookies.
  5. Accept all cookies that do not match one of the given rules.

Note that the first rule that evaluates to true determines the cookie action.

IE6-P3PSettings/V1: /FIN&CONi=a/ /FIN&CONo=r/ /FIN&CONa=r/ /FIN&CON=r/ 
/GOV&PUB=r/ /TEL=r/ /UNR=p/ nopolicy=d /=a/


Minimum supported client

Windows XP

Minimum supported server

Windows 2000 Server


Internet Explorer 6







Unicode and ANSI names

PrivacySetZonePreferenceW (Unicode)

See also