I agree with you, but just as a lark, I tried to add a P3P header to
the user() action:
response.headers['P3P'] = 'CP="IDC DSP COR ADM DEVi TAIi PSA PSD
IVAi IVDi CONi HIS OUR IND CNT"'
In theory, this should work, but I still can't login. Check out
stressrelief.co.nr using IE and login as "[email protected]",
password "Ranger".
stressrelief.co.nr points to http://67.213.70.251/welcome/default/index
and if you use the latter URL, login is successful.
Interesting puzzle.
Richard
On Oct 26, 7:34 pm, Anthony <[email protected]> wrote:
> The way your domain masking works is that a frameset is set up at the
> masking URL (stressrelief.co.nr), and your actual site is placed inside a
> frame. In that case, apparently IE doesn't pass the session cookie back to
> your application. Seehttp://adamyoung.net/IE-Blocking-iFrame-Cookies.
>
> It's probably not a good idea to use domain masking anyway (the address bar
> won't show any of your internal URLs -- nothing can be bookmarked). Just
> set up the DNS for your domain to point to your server.
>
> Anthony
>
>
>
>
>
>
>
> On Wednesday, October 26, 2011 6:35:24 PM UTC-4, horridohobbyist wrote:
>
> > Okay, I've made it easier to investigate. I've obtained a free domain
> > name with domain masking...
>
> > stressrelief.co.nr points tohttp://67.213.70.251/welcome/default/index
>
> > The first URL prevents login. The second URL does not. It's the
> > standard web2py Welcome app -- login is "[email protected]",
> > password "Ranger".
>
> > web2py is installed on Ubuntu with the usual Apache configuration:
>
> > <VirtualHost 67.213.70.251:80>
> > WSGIDaemonProcess web2py user=www-data group=www-data
> > WSGIProcessGroup web2py
> > WSGIScriptAlias / /home/www-data/web2py/wsgihandler.py
>
> > <Directory /home/www-data/web2py>
> > AllowOverride None
> > Order Allow,Deny
> > Deny from all
> > <Files wsgihandler.py>
> > Allow from all
> > </Files>
> > </Directory>
>
> > AliasMatch ^/([^/]+)/static/(.*) \
> > /home/www-data/web2py/applications/$1/static/$2
> > <Directory /home/www-data/web2py/applications/*/static/>
> > Options -Indexes
> > Order Allow,Deny
> > Allow from all
> > </Directory>
>
> > <Location /admin>
> > Deny from all
> > </Location>
>
> > <LocationMatch ^/([^/]+)/appadmin>
> > Deny from all
> > </LocationMatch>
>
> > CustomLog /var/log/apache2/access.log common
> > ErrorLog /var/log/apache2/error.log
> > </VirtualHost>
>
> > Richard
>
> > On Oct 26, 3:06 pm, horridohobbyist <[email protected]> wrote:
> > > I've discovered an issue, but I'm not sure if it is specific to
> > > web2py. It might be...
>
> > > I used domain forwarding with masking on stressrelief.drsommers.com to
> > > point tohttp://goodsexnetwork.com/stressrelief. On Internet
> > > Explorer, this hinders the login function -- when you enter username/
> > > password, the browser simply throws you back to the login page (with
> > > no error message).
>
> > > I've gone back to domain forwarding without masking, and now it works
> > > fine.
>
> > > If you want to investigate, you should use domain forwarding with
> > > masking on the welcome app.
>
> > > Note that this issue is IE-specific. I've had no problem with Firefox,
> > > Chrome, Safari, or Opera.
>
> > > Richard
