Gossamer Forum
Home : Products : Gossamer Forum : Discussion :

Server security screwing up forum

Quote Reply
Server security screwing up forum
My host recently increased security on the server. If you click on the 'homepage' link for a user, like the one at http://example.com/...i?username=dreamworx, it reports an internal error. This is caused by the server rejecting the http:// in the middle of the URL used to access the user's homepage.

This change in security messed up another part of my site (which I was able to fix easily), and my host says the URL used is improper HTML anyway. What do you think and is there a fix for these links?

Jason
Quote Reply
Re: [wickedmoon] Server security screwing up forum In reply to
In Reply To:
My host recently increased security on the server. If you click on the 'homepage' link for a user, like the one at http://example.com/...i?username=dreamworx, it reports an internal error. This is caused by the server rejecting the http:// in the middle of the URL used to access the user's homepage.

This change in security messed up another part of my site (which I was able to fix easily), and my host says the URL used is improper HTML anyway. What do you think and is there a fix for these links?

I'd be interested to hear their rationale for calling it "improper HTML," as well as their rationale for disallowing URL's in a GET request. You could work around it by linking to the site directly instead of forwarding through gforum.cgi, but doing so opens a security hole, making Gossamer Forum less secure, not more secure.

Jason Rhinelander
Gossamer Threads
jason@gossamer-threads.com