Thursday, March 19, 2009

when an irresistible force meets...outlook!

[edit] apparently this problem's been fixed in the latest version of Elgg.

So after signing up to SICSA's Elgg (social networking hoodicky) I had a bit of a mail fail:

mail fail!

Found some great new toys debugging this one:
  • Export Cookies allows you to de-sql-arize the Firefox cookies file and use the output in wget's --load-cookies argument.
  • Live HTTP headers allows you to view the headers for all the page's content as it streams by.
Combining the power of these two showed what happened - Outlook's web access (gobshite!) uses javascript forwarding on all email links...

window.location.href = foo.html

...but Elgg's email confirmation scripts forwards to the referrer (for some unknown reason, perhaps the idea is that you never see it). So we have the irresistible force of Outlook vs the immovable object Elgg, giving a redirect loop that sends me an email every time round. The following downloads google's homepage (yay for cheap HTTPS pages without real certs):

wget --no-check-certificate --referer "http://google.com" "https://projectnets.cs.st-andrews.ac.uk/sicsa/action/email/confirm"

The thousand little edge cases like this (browser #342.b with web app #564.j) is the reason we all use commercial networking sites. They have the time and willingness to fix these before release (so I don't have to find them). They also have enough existing users to make it worthwhile filling in the sign up form.

Still it's one more tool to use when rick-rolling academic types eh?

[edit] Here's Elgg's source - looks like someone wasn't quite thinking straight. Bugged.

00043 forward($_SERVER['HTTP_REFERER']);

There's no way this was ever a good idea...

1 comment:

  1. This comment has been removed by a blog administrator.

    ReplyDelete