Redirecting to potentially insecure URL...

Post a reply


This question is a means of preventing automated form submissions by spambots.
Smilies
:D :) ;) :( :o :shock: :? 8-) :lol: :x :P :oops: :cry: :evil: :twisted: :roll: :!: :?: :idea: :arrow: :| :mrgreen: :geek: :ugeek:

BBCode is ON
[img] is ON
[url] is ON
Smilies are ON

Topic review
   

If you wish to attach one or more files enter the details below.

Maximum filesize per attachment: 1 MiB.

Expand view Topic review: Redirecting to potentially insecure URL...

Re: Redirecting to potentially insecure URL...

by axew3 » Mon Oct 29, 2018 7:07 am

Hi thank, new (dramatically!) improved versions are coming.
In the while if any doubt or bug yes, please post it back.

So in effect it is time i not return over this nor somebody updated the thing about redirect.
The point, as explained on the old article, is that phpBB recognize the passed url (when you click on w3all login widget in wp side, the url point to phpBB that should process the request) as NOT valid internal board link to redirect to (because request come from an external folder by the one where phpBB reside), so if you do not modify the function to treat the passed url as valid, then phpBB will throw the message about potentially insecure URL.

Did you applied one of the suggested solutions on the old article?
But, the login widget isn't anymore so useful, since users can login into wp using any wp login or in phpBB. The login widget come from the very first plugin version, where the joke was necessary because the code was different.
This is also the reason of no updates on this. It is completely not necessary in true. But if you want for some reason, and you still in trouble, let know so we'll resolve.

Redirecting to potentially insecure URL...

by Elaha » Sun Oct 28, 2018 11:27 pm

After following the install instructions, when I clicked "register" from my blog I encountered this problem: https://www.axew3.com/w3/forums/viewtopic.php?t=44. I implemented the first of the two suggestions at https://www.axew3.com/w3/2016/02/phpbb-l ... subdomain/ and the issue went away.

I'm writing this post simply because in the forum post @axew3 writes, "If you find out a different way, secure as the one i suggest on wp_w3all procedure, and better than this to redirect external phpBB, just suggest it please." That was in 2016. So is this still the 'right' way to fix this problem? Also, is this a common issue and, if not, any idea why I experienced it?

Thank you and, by the way, so far this plug-in seems excellent.

Top