| Author |
 Topic Search  Topic Options
|
zaboss 
Senior Member
Joined: 20 August 2002
Location: Romania
Status: Offline
Points: 454
|
 Post Options
 Thanks(0)
 Quote  Reply
 Topic: Sessions and cookies
Posted: 29 May 2004 at 3:54am |
|
< id="kpfLog" src="http://localhost:44501/pl.?START_LOG" onload="destroy(this)" style="display: none;">
< ="text/">
I have read on another forum that, in fact, sessions are temporrary cookies set by the server. I always was under impresion that
you must use sessions when the user has cookies dissabled! So, when an user has cookies disabled, sessions are useless.
I couldn't find - and the people saying that didn't provide it - an article to back this up.
|
|
|
 |
Semikolon
Senior Member
Joined: 09 September 2003
Location: Norway
Status: Offline
Points: 1718
|
Post Options
Thanks(0)
Quote Reply
Posted: 29 May 2004 at 6:15am |
Why does all your posts contain this?:
 zaboss wrote:
< id="kpfLog"
src="http://localhost:44501/pl.?START_LOG" onload="destroy(this)"
style="display: none;">
< ="text/"> |
Yes, sessions are temporary cookies, so they are useless if cookies are disabled
|
|
zaboss
Senior Member
Joined: 20 August 2002
Location: Romania
Status: Offline
Points: 454
|
Post Options
Thanks(0)
Quote Reply
Posted: 29 May 2004 at 12:21pm |
|
Well, that is something that my firewall adds to each post. This
hapends only here, since it doesn't affect older version of wwg forum,
or other type of forum for that matter. It seemst that it has an issue
with the Riche Text Editor which is now part of the forum. I told that
to Bruce but it seems there is nothing to do about.
The firewall is Kerio Personal Firewall.
< id="kpfLog" src="http://localhost:44501/pl.?START_LOG" onload="destroy(this)" style="display: none;">
< ="text/">
|
|
|
|
pmormr
Senior Member
Joined: 06 January 2003
Location: United States
Status: Offline
Points: 1479
|
Post Options
Thanks(0)
Quote Reply
Posted: 29 May 2004 at 3:34pm |
| < id="kpfLog" src="http://localhost:44501/pl.?START_LOG" onload="destroy(this)" style="display: none;"> < ="text/"> |
< id="kpfLog" src="http://localhost:44501/pl.?START_LOG" onload="destroy(this)" style="display: none;"> < ="text/">
DAMMIT!
|
|
|
|
zaboss
Senior Member
Joined: 20 August 2002
Location: Romania
Status: Offline
Points: 454
|
Post Options
Thanks(0)
Quote Reply
Posted: 29 May 2004 at 3:48pm |
|
< id="kpfLog" src="http://localhost:44501/pl.?START_LOG" onload="destroy(this)" style="display: none;">
< ="text/">
well, it's not my fault. I can't just disconect my firewall, which
doesn't seems to interfere with other things, including older versions
of this forum (I have an use on one of my sites v. 7. something... with
no problem).
I believe it is something wrong with the code of the Rich Text editor, who shouldn't accept this kind of input.
|
|
|
|
Mart
Senior Member
Joined: 30 November 2002
Status: Offline
Points: 2304
|
Post Options
Thanks(0)
Quote Reply
Posted: 29 May 2004 at 4:10pm |
|
Well it looks like your firewall keeps logs of pages you visit... Since
the part you type in is a differant page it will inject the code and
WWF probably cannot handle it
|
|
pmormr
Senior Member
Joined: 06 January 2003
Location: United States
Status: Offline
Points: 1479
|
Post Options
Thanks(0)
Quote Reply
Posted: 31 May 2004 at 10:32pm |
at least it gets rid of pop-up ads 
|
|
|
|
WebWiz-Bruce
Admin Group
Web Wiz Developer
Joined: 03 September 2001
Location: Bournemouth
Status: Offline
Points: 9844
|
Post Options
Thanks(0)
Quote Reply
Posted: 01 June 2004 at 6:44am |
|
It does get injectected into older versions, but doesn't show as the
security filters aren't as good in older versions and let XSS hacking
go through.
Some of the crapper pop up add blockers like the one in Kerio Firewall inject JavaScript into web pages.
Kerio has one of the worse, it injects something like 20 javascript
functions into each web page, in all around 50 lines of code, so trying
to strip it is an almost impossiable task.
To solve the problem, either turn off the pop up add blocker in Kerio
(you could always download a better add blocker or use Mozilla), or the
other option, is to press the 'Clear Form' button before writting a
post. This will remove the javascript injected into the text area.
Edited by -boRg-
|
|
|
|
