Topic: Frames?

Im not sure if this is a bug or not (its probibly due to 3rd party cookies) but my site uses a .tk domain which encapsulates the site in an invisible frame. When I try to login to the forum while still inside the frame it lets me do all the actions, it even displays the login redirection page and when I am sent to index.php, Im not logged in.

I beleive the problem could be with the domain, because the browser thinks it is at a .tk domain when it isnt, it could be blocking the cookies based on security settings.

I would also like to know why the http_referrer part is used in the forum management page. It regards www. as part of the referral therefore if the referrer is infact correct, but it is preceeded by www. it displays the bad referrer error.

..::|> The7thGuest <|:;..

2

Re: Frames?

It's a known problem, and unfortunately, not an easily solvable one without spending some cash. Read this thread for more info:

http://punbb.org/forums/viewtopic.php?id=2754

3 (edited by The7thGuest 2003-12-22 22:27)

Re: Frames?

Thanks for the fast reply, Sorry I didnt search the forum better, I might have found it.

What about the HTTP_REFERER issue?

Thanks...

..::|> The7thGuest <|::..

Re: Frames?

The HTTP_REFERER check is there to make sure that someone doesn't trick you into visiting a page outside of your domain that submits a form to any of the scripts that does admin/mod stuff. If the check wasn't there, one could easily construct a page with an invisible form that was submitted to your forum that e.g. unbanned a member or de-admined you. The referrer check only applies to admins and mods. You can read more about it here: http://punbb.org/forums/viewtopic.php?id=2295

"Programming is like sex: one mistake and you have to support it for the rest of your life."