Dela via


Trying out something 'bad'...

So, if you missed it... I was just playing with displaying a poll in the blog... don't worry, I won't make a habit of this :)... I did it using the spawn of evil an iframe... I've removed it now, the experiment is done... but it exposed an interesting problem. When viewed through the IFRAME IE's default settings (well, my settings... I'm not sure if they are the default) blocked any cookies from that page, which meant that you could vote as often as you liked... hmm... not a good thing. Obviously a second-line of defense is necessary.

Comments

  • Anonymous
    July 27, 2004
    Side note: I can't see the text of the questions very well...

    IE version : IE 6.0.2800.1106.xpsp2.030422-1633
  • Anonymous
    July 27, 2004
    iframe in an rss feed? BAD BAD BAD man!

    Newsgator showed that as a blank rss feed item :)
  • Anonymous
    July 27, 2004
    Now its ok, maybe my eyes are broken.
  • Anonymous
    July 27, 2004
    Just spotted your email.
    All better now, my eyes were not broken.
  • Anonymous
    July 28, 2004
    With the non-SP2 version of IE, your cookies would only be blocked if the poll is run on a different domain, and you didn't declare a P3P privacy policy.

    Perhaps you can fix this problem in SP2 by declaring a p3p header?
  • Anonymous
    July 29, 2004
    The unlimited voting aspect should be brought to the attention of the Florida Electoral college. Perhaps they can @)#$-up this years election with it instead of boring us with unattractive hanging chads!