Popup Blocker, Norton Internet Security...
Members with pop up blocker and/or Norton Internet Security installed are not able to use the forum properly. A:
This problem is two-fold:
Problem 1. Popup blockers Beginning version 2.1.5, includes an option to turn on/off popup message posting/replying/editing in each members profile.
- The popup blocker is not doing its job
- Norton Internet Security is filtering out HTTP referrer field
A good popup blocker should not block requested pop-ups, otherwise it is interfering with your normal browsing and legitimate sites. The pop-up blocker at least has got to have the option to accept and display requested pop-ups.
The pop-up windows we use in our software is by no means "Ads" that have been flooding the Internet everywhere, and we never pop up any windows without user' s "click" first. Therefore, if the popup blocker is killing even requested pop-ups, it is just a piece of poorly designed software (non-selective, interfering with your browsing activity).
Mozilla, Firefox, and Opera have popup blocking capability built-in in the browsers (selective and effective), and users with such browsers do not have any problem with our software at all and can still prevent seeing annoying ads. However, IE users with popup blocker installed might have problems if the blocker is poorly designed or is configured improperly.
To fix the problem, you can either:
- Set " Enable pop-up" for the forum URL in question in your pop-up blocker software
- Set " Accept requested pop-up" in your pop-up blocker
- If your pop-up blocker does not have the options above, choose a better one.
For IE users on Windows XP, they can get a native IE popup blocker by downloading and installing Windows XP SP2. For IE users on other versions of Windows, both MSN and Google toolbar provide good alternatives to those poorly designed popup blockers. Problem 2. NIS blocking "referrer" info
Norton Internet Security users may have a problem with "referrer" being blocked. HTTP referrer is a piece of info that is sent back by your browser to the server. Our software requires this piece of info for security reasons, and if this piece of info is deliberately erased by NIS, you will have problem performing " POST" activity with the forum.
To remedy, try this link from Symantec: How to pass referrer information to specific Web pages in NIS and NPF 2002 and earlier
How to pass referrer information to specific Web pages in NIS and NPF 2003 and 2004
You can allow referrer checking for the forum URL in question, and this is by no means a security problem. Other similar software can also be configured accordingly.
- OR - As a forum admin, you can disable referrer checking in the admin control panel.
In order to protect the forum and the server from possible malicious attacks, we check the referrer field to make sure that all the HTTP POST actions are initiated from within the forum environment. For example, if you have a forum that allows guest to post, without checking the referrer field, the forum can possibly be flooded with junk messages. Of course we have other mechanisms to protect the forum software (flood control, etc.), referrer field checking is the best way to avoid attacks on the forum. Conclusion
The two things we mentioned above are only problems if the client side software are not configured properly. In most cases, users can just add the forum URL in question as a "Trusted Site" in the security software to prevent all problems altogether.
post edited by Samuel -