Request was blocked (not allowed)

[Gerard]

Goodmorning bakers,

I've got a problem with my website. The problem is not in WB but in the savetypolicy of my host. Since 2 january they enhanced their policy wich includes that it's not allowed to use "http://" in a querystring. A visitor gets the warning "Request was blocked (not allowed)" from the server when he tries to open a bookmarked page for which he has to log in. He doesn't get the warning when he first logs in but I prefer it to get the loginscreen in stead of the warning.
This querystring is generated by WB, I suppose. I allready had several looks in the code of WB but I have no idea where to start. Unfortunely I'm not a webspecialist or whatsoever so I wonder if you can help me further on.

In short: is it possible to let WB generate querystrings without this "http://" thing so my visitors get a loginpage instead of a warningpage of my host?

Any suggestions are most appreciated.

Regards,

Gerard

[ruebenwurzel]

Hello,

i think this needs a totally rewrite of WB because the WB_URL variable is a basic variable wich is needed for to get all working. So befor rewriting WB maybe it is better to ask the hoster for a solution or if not possible to look for another hoster.

Matthias

[Gerard]

 

Hi Matthias,
I allready thought it would be dificult. Please do not rewrite WB. It works fine as it is now. (Far better then the most of all other cms-systems I tried in the past.)

I just asked my hoster to look for a solution. I got already an answer and I hope it will be solved soon. In general I'm satisfied with this host.

Thanks anyway.

Cheers,

Gerard

[pcwacht]

Not sure and not tested


Did you try to alter the WB_URL  variable in your config. p h p  to do without the http:// part?
( p h p with spaces to fool this forum   )
define('WB_URL', 'http://somedomain/');
to
define('WB_URL', '/');

or if you have wb in a folder
define('WB_URL', 'http://somedomain/somefolder');
to
define('WB_URL', '/somefolder');

John

[Gerard]

Hi bakers,

Thanks for your attentions in the first place. Well, I got an answer which works fine. A crewmember (Alex) of my host has been playing around in the code of my WB installation and the template I use and found a solution. Beneath you find the changes he made. And it works fine for me. I finally get the loginscreen and my domain remains protected by the filter of my host. (Another soulution would be to put my domain on a list of exceptions but we prefered a more elegant way to solve this and keep the filter in use)

Here we go: (I don't know how to exactly place code in a thread (I know Bulletinboard e.g. can get stange behaviars), if you find it must be altered, please feel free to do that) Also notice that I don't know exactly the meaning of this code; I'm an amateur-baker with limited skills in webdesign 

------------------------------------------------------------------------------------------------------

account/login.p h p.
r56-59:

if ($_REQUEST['bla']) {
$redirect = "http://".$_REQUEST['redirect'];
}
$thisApp = new Login(

r70:
"LOGIN_URL" =>
WB_URL."/account/login".PAGE_EXTENSION.'?redirect='.$redirect,

r78:
"REDIRECT_URL" => $redirect

account/login_form.p h p.
r65:
<input type="hidden" name="redirect" value="http://<?p h p echo
$thisApp->redirect_url;?>" />

framework/class.frontend.p h p.
r203-204:
$redirect = str_replace ('http://', '', $this->link);
header("Location:
".WB_URL."/account/login".PAGE_EXTENSION.'?redirect='.$redirect);

templates/industry1/index.p h p.
r60:
<input type="hidden" name="redirect" value="http://<?p h p echo
$thisApp->redirect_url;?>" />

------------------------------------------------------------------------------------------------------------


I did not discover any problems in WB after the changes were made.

Cheers,

Gerard

(Edit: 28-02-2007 at 0:19: put spaces in every p h p extension)