Welcome to Geeklog, Anonymous Thursday, March 28 2024 @ 12:30 pm EDT

Geeklog Forums

GL1.5 on Safari doesn't post new stories if you are in 'Private Browsing' mode


darkpaw

Anonymous
gloomy
There seems to be a new 'feature' in GL1.5 that prevents anyone who's using Safari (on Mac or Windows) or anyone who blocks the referrer header in any browser, from successfully posting a story. It's like this:

- In Safari, switch on Private Browsing mode. This simply stops websites from knowing which page you have just come from.
- Click Contribute to start a new story. Enter your story and click to save it.

The story is not saved. THe list of stories is displayed, but you don't get the message about the story having been successfully saved (msg 9). You can go back and try again but it won't work.

- Switch off Private Browsing mode.
- Go back to the story and try to submit it again.

It still won't work. You have to copy the text you've entered, and paste it into a text editor, then click Contribute again and re-populate everything from scratch.

This is a definite change from GL <1.5, and it's pretty annoying.
 Quote

Status: offline

Dirk

Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
The new security measures to prevent CSRF rely on the referrer.

Switching referrers back on after a save failed won't help because the security token has been used up then (hitting "back" and trying again will use the same, expired, token).

bye, Dirk
 Quote

Status: offline

jmucchiello

Forum User
Full Member
Registered: 08/29/05
Posts: 985
Perhaps a message should display if there is no REFERRER so the user doesn't enter their story or other edit when it can't possibly save.
 Quote

All times are EDT. The time is now 12:30 pm.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content