/operate/ - Endchan Operations

Let us know what's up


New Reply on thread #19586
X
Max 20 files0 B total
[New Reply]

[Index] [Catalog] [Banners] [Logs]
Posting mode: Reply [Return]


thumbnail of login fail.png
thumbnail of login fail.png
login fail png
(630.47 KB, 896x1936)
I'm seeing a bug in the login form.
The message says the login was ok, but then no login session is created, and the login is asked again, and again.
It's basically impossible to login currently.

Could you verify if it's an error isolated to my account or if it happens for everyone else?

- nickname and password are correct
- get login ok message
- no login happens
- it's impossible to manage boards like this

I've resolved, the problem was on my side.

I had blocked the http-referer for extra anti-tracking, but that apparently blocks the login form from working.
I've re-enabled the http-referer and now the login form works again.

There are only few sites which break by lack of http-referer, and most often it's the sites which try to fingerprint-datamine more, endchan just accidentally is among those when it comes only to the login form. The rest of endchan works fine even without http-referer.

For those who don't know:
http-referer is an header, sent by the browser, which tells a page what was the address of the previously visited page

for example, if you visit endchan, and then you visit 4chan, the 4chan site will know you were previously on endchan, this applies mostly only to links, pages opened by a clicked link carry with them the http-referer of the site the link was from

the http-referer is often used in two main cases:
1) by site owners to track which sites are linking towards their site, this information can be used to direct advertisement of the site
or if the receiving site is malicious, to target the linked sites, with raids or glownigger takeovers
2) by server owners who want to block their content from being accesses by direct linking, by forcing their content to be loadable only if they carry an http-referer from the site itself, or from a limited list of approved sites

in few other cases the http-referer is used in forms with buttons, either login forms or other request forms (i guess the form method POST is based on the http-referer, if i'm not mistaken)

> i guess the form method POST is based on the http-referer, if i'm not mistaken

I'm mistaken, both the login form and the reply form use the method POST, but the login stops working without http-referer, while the reply form works fine even without. So the method "post" is not reliant on http-referer to work.
So i guess, who programmed this board, had decided to specifically check the http-referer exclusively during the login. And not elsewhere in the site.

Sorry for the false alarm btw, I'm just finding this curious the more i look into it.



thumbnail of spoil.png
thumbnail of spoil.png
spoil png
(243.02 KB, 566x722)
I've retried few some time and the error seems to be constant and doesn't go away.
The image I was trying to spoiler was post #3499 on
https://endchan.net/dump/res/8.html

Last time I checked deleting works fine, it's just spoilering which is busted.



Post(s) action:


Moderation Help
Scope:
Duration: Days

Ban Type:


8 replies | 3 file
New Reply on thread #19586
Max 20 files0 B total