Code/Tea/Etc...

Duncan Mackenzie has too much time on his hands

Trying out something 'bad'...

So, if you missed it... I was just playing with displaying a poll in the blog... don't worry, I won't make a habit of this :)... I did it using the spawn of evil an iframe... I've removed it now, the experiment is done... but it exposed an interesting problem. When viewed through the IFRAME IE's default settings (well, my settings... I'm not sure if they are the default) blocked any cookies from that page, which meant that you could vote as often as you liked... hmm... not a good thing. Obviously a second-line of defense is necessary.

Published Tuesday, July 27, 2004 4:54 PM by Duncanma
Filed under:

Comments

 

AndrewSeven said:

Side note: I can't see the text of the questions very well...

IE version : IE 6.0.2800.1106.xpsp2.030422-1633
July 27, 2004 5:01 PM
 

Barry Dorrans said:

iframe in an rss feed? BAD BAD BAD man!

Newsgator showed that as a blank rss feed item :)
July 27, 2004 5:11 PM
 

AndrewSeven said:

Now its ok, maybe my eyes are broken.
July 27, 2004 5:12 PM
 

AndrewSeven said:

Just spotted your email.
All better now, my eyes were not broken.
July 27, 2004 7:05 PM
 

Steve said:

With the non-SP2 version of IE, your cookies would only be blocked if the poll is run on a different domain, and you didn't declare a P3P privacy policy.

Perhaps you can fix this problem in SP2 by declaring a p3p header?
July 28, 2004 10:10 AM
 

Pete said:

The unlimited voting aspect should be brought to the attention of the Florida Electoral college. Perhaps they can @)#$-up this years election with it instead of boring us with unattractive hanging chads!
July 29, 2004 10:03 AM
Anonymous comments are disabled

This Blog

Syndication

News

This blog has moved to my own VB site

© 2009 Microsoft Corporation. All rights reserved. Terms of Use  |  Trademarks  |  Privacy Statement
Microsoft
Page view tracker