phpBB • Creating Communities Worldwide

by **erftforum** » Thu Feb 13, 2003 1:07 am

HI!!

I searched for cookie topics and tried some things but so far no luck... sorry if this has been answered somewhere else. I can only guess how busy you folks are .. anyways my problem is:

Cookie settings

Cookie-Domain (empty)
Cookie-Name phpbb2mysql
Cookie-Pfad /
secure Cookie deaktivated
Session 3600

What happens is if I access the forum via the domain www.erftforum.de which is a simple forwarding to the forum location where the forum is installed I allways have to re-login after I relaoded the page. Even though if I have auto-login activated.

When I access the forum via another subdomain like http://erftforum.rickygarcia.de or directly by typing in the index.php location all works fine... also if you closed the site and relaod you are still logged in.

I tried setting like

.erftforum.de or erftforum.de.

still no success :roll:

any idea??

THANKS!!!

by **cosmos** » Thu Feb 13, 2003 11:27 am

A look upon what is returned by http accesses shows that server-controlled negotiation is taking place, using value Host as the selecting keyword.

Exactly which host carries the forum? Which url? Let's call the previous one a destination host. From which host(s) do you want to redirect to the destination host? And one final question: exactly how have you set up redirection?

by **erftforum** » Thu Feb 13, 2003 11:35 am

cosmos wrote:A look upon what is returned by http accesses shows that server-controlled negotiation is taking place, using value Host as the selecting keyword.

Exactly which host carries the forum? Which url? Let's call the previous one a destination host. From which host(s) do you want to redirect to the destination host? And one final question: exactly how have you set up redirection?

HI and THANKS!! Trying to answer these questions...

The forum is located here:
http://www.rickygarcia.de/beta/forum/index.php

The same webprovider allowse me multiple subdomains so I installed one like this:
http://erftforum.rickygarcia.de ---> to
http://www.rickygarcia.de/beta/forum/index.php
there are no settings I can change and as far as my knwoledge goes this is a FRAME forwarding so that the subdomain name keeps appearing in the address line of the browser (IE 6). Cookies and automated login works fine here!!

the other forwaring is:
http://www.erftforum.de ---> to
http://www.rickygarcia.de/beta/forum/
in the setup of that third parity provider which has nothing to do with the company that hosts the forum they dont let me specefy a target file on the server I am forwarding to... only a folder which has to contain an index.html. Autologin DOES NOT work!

I hope that helps!! :roll:

by **cosmos** » Thu Feb 13, 2003 11:50 am

There is more actually than the difference between the two virtual redirects: inclusion of "index.php" in the first case is one thing. The other is that in the problematic case, the parent page (frame) designates the destination url (frame) with a name="_redirected_content_" property...

The obvious solution is to ask your provider to have exactly the same frame-redirect page in order to have the same "correct" effect.

In the meantime, you could try setting cookie domain in phpbb admin to .rickygarcia.de. Clear all your browser cookies and try to login again. Does that solve the problem?

by **erftforum** » Thu Feb 13, 2003 12:00 pm

I think IT WORKS NOW!!!!! with the .rickygarcia.de setting... could have treid that actually before !! sorry!!

THANKS!!!!!!!!!

by **cosmos** » Thu Feb 13, 2003 12:00 pm

A possibility of what is going on... You are using IE 6.0, right? Do you see a red block icon in the IE bottom bar when accessing www.erftforum.de ? for the first time

What I believe happens is that IE checks and sees that although you've started with www.erftforum.de (in domain erftforum.de) you are loading a frame http://www.rickygarcia.de/beta/forum/index.php (which belongs to different domain rickygarcia.de). IE treats forum cookies as external ones and might be blocking them in your first access.

This does not happen with the first redirection (from erftforum.rickygarcia.de) since the original url belongs to the same domain as the destination one. Hence, IE does not trigger its privacy measures...

Well, just a thought.

by **cosmos** » Thu Feb 13, 2003 12:02 pm

Nice to hear that!

by **erftforum** » Thu Feb 13, 2003 12:18 pm

cosmos wrote:Nice to hear that!

YES!! So far all is good now.. I let you know if anything happens!!

THANKS MAN!! :wink:

by **cosmos** » Thu Feb 13, 2003 12:24 pm

Just a final thought: I assume you did delete all your cookies after performing the admin change, correct? It might be a good idea to instruct all your forum users to clear their cookies, too, in order to avoid duplicate ones: the ones from the previous phpbb setup and the new ones, with the modified cookie domain.

by **erftforum** » Thu Feb 13, 2003 12:48 pm

Mhhh.... I am still not sure whats going on but at some point I had relogin again but then after I posted on the forum I kept logged in even though reloading. Still not sure what excat pattern it was... I let ya know.

by **erftforum** » Thu Feb 13, 2003 12:53 pm

I think we are back to the start :-(

Thats why I dropped studying computer programing and did music!

I see the RED blocked Icon btw!!

I also deleted all the cookies through the explorer settings..

by **erftforum** » Thu Feb 13, 2003 1:01 pm

I realized that you can change your cookie settings from medium to light and accepting third parity cookies as well... that window opened by clicking on the red.blocked eye. Is that a high risk to change that setting?

it says http://www.rickygarcia.de/beta/forum BLOCKED

when you launch the forum via erftforum.de but you can also set permission for it manualy just for that site?? maybe thats a way to get it to work ?

I think it does...

by **cosmos** » Fri Feb 14, 2003 6:10 am

cosmos wrote:What I believe happens is that IE checks and sees that although you've started with www.erftforum.de (in domain erftforum.de) you are loading a frame http://www.rickygarcia.de/beta/forum/index.php (which belongs to different domain rickygarcia.de). IE treats forum cookies as external ones and might be blocking them in your first access.

Unfortunately, this theory is confirmed. This problem will definitely affect IE 6 users, since by default third-party cookies ("external cookies" in my quote) are blocked.

This leaves you with a number of alternatives of what to do next. You can pick whichever you want of course:

Stop using www.erftforum.de altogether
Ask your provider to provide HTTP-based (instead of frame based) redirection of http://www.erftforum.de -> http://erftforum.rickygarcia.de
Create a P3P policy (see http://p3ptoolbox.org/guide/ for details) for site www.erftforum.de. Rather difficult to do though...
Ask your provider whether you could make the DNS entry www.erftforum.de be the same as www.rickygarcia.de. In this case the www.rickygarcia.de web server should possibly also have to virtual host www.erftforum.de.
Ask all your users to lower IE privacy settings (highly unlikely that this will happen though)

From all these alternatives, number 3 is the more robust and would allow you to have www.ertforum.de displayed in the location bar, BUT you shall have to dig up some technical information. If that is not possible, you should definitely consider number 2.

by **erftforum** » Fri Feb 14, 2003 10:17 am

HEY!!

THANKS A LOT for all the great support man!!:-)

I think for now I will go the simplets way and that is to let the users change the security settings but just for that specific domain manually. Here you can see some snap shots I made.

http://www.rickygarcia.de/beta/forum/viewtopic.php?t=49

At least it works that way without having to lower the general security settings for cookies! For now this forum has to accomplish itself first. By then its allways an option to get some webspace for the erftforum.de domain and move the forum to that location.

Thanks again!!

greetings

ricky

Who is online

Advertisement