Re: Witango-Talk: MS Security patch preventing postargs from being submitted

[Alan Wolfe]

that's a bummer, we havent experienced that yet ourselves luckily.   what a mess...why does blame never go where it's due?   Hey one thing you might be able to do is if the patch's presence is able to be detected from the user agent string, you could detect it, tell them what the problem is and keep them out or something...   or if that doesnt work, you could put something like this on the form:   <input type=hidden name=sanitycheck value="1">   and when a form was submitted you could make it only process it if <@arg sanitycheck>=1, else show a message stating they need to apply the antidote patch.   ----- Original Message ----- From: Roland Dumas To: [EMAIL PROTECTED] Sent: Friday, March 05, 2004 2:42 PM Subject: Re: Witango-Talk: MS Security patch preventing postargs from being submitted Thanks. We know it's not spyware because the client's company applied the MS patch to their browsers and as they applied them, each browser became incapable of submitting postargs to their own website. When they applied the antidote patch, they regained postargs. That's pretty cut and dry. Unfortunately, many customers to the retail storefront have these patches and don't know it and think the store is buggy. It's either witango or webstar that's getting trashed by this. I can't tell which. On Mar 5, 2004, at 2:36 PM, Alan Wolfe wrote: spyware/addware can cause this to happen.  Also some versions of browsers that are buggy can cause this to happen (IE for mac is a big offender here), but if this is the case what weve experienced is it wont be missing all args, just some of them.   Anyways, I'm not sure if this helps but theres some _javascript_ at this page that you can use to scan IE for PC for spyware, you could make use it to post a warning saying "warning spyware has been detected on your computer and may cause web pages not to behave normaly".   heres the url: http://www.doxdesk.com/software/js/parasite.html   ----- Original Message ----- From: Roland Dumas To: [EMAIL PROTECTED] Sent: Friday, March 05, 2004 2:26 PM Subject: Re: Witango-Talk: MS Security patch preventing postargs from being submitted This problem is increasing in frequency. Secure forms are being stripped of postargs. This is one of two meltdown problems now. Hasn't anyone else seen it? On Feb 21, 2004, at 8:50 AM, Roland Dumas wrote: On Feb 21, 2004, at 8:48 AM, Mike R. M. Young wrote: Well that explains a few weird bits. It has only been noted on my own machine in this office, (running NT4 server fully updated) and would only appear to happen later in a given day. IE, when the ram is heavily fragmented from a days use. I chocked it up to lack of ram and fragmented memory, but this is makes much more sense. Is there a solution? The next MS Security patch for instance? the report is: Breaks it: MS04-004 Cumulative Security Update for Internet Explorer (832894)   Fixes it: Microsoft KB831167 The bigger question, if this is true, is what is witango doing that other app servers isn't doing? ________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf ________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf