Issues with setting P3P headers

[pents90]

Using Play 1.2.3, and I'm wrestling with two issues regarding setting P3P headers to prevent the rejection of cookies by certain IE version when the app is embedded in a frame within a different site. You can read more about the wonderful world of IE + P3P here. I need to set a header called "P3P" in everything that is served to the frame, not just the HTML (i.e., CSS, javascript, images, etc.). I have hit two roadblocks:

1. Play adjusts the capitalization of HTTP headers, converting "P3P" into "P3p". That should be OK, as every HTTP standard ever written states that HTTP headers are case-insensitive. But of course, Internet Explorer ignores this and requires "P3P" exactly.
2. I'm not sure how to serve the P3P header on all requests without changing Play's source code (not possible as we host it on Heroku). I've written a PlayPlugin which overrides the "rawInvocation" method, setting the header and returning "false". However, it seems that by returning false, my response header is lost. The only way to make this work then would be to actually serve the content myself there, which is of course not possible. I've also tried a similar approach with "serveStatic", but with the same result.

If anybody has overcome these issues, or has any ideas, please let me know!

 John

[pents90]

An update-- issue 1 is actually due to Heroku, not Play. So, the second issue is the remaining challenge.

Thanks!