Quote:
Originally Posted by darksoul
Jim,
I think the coincidence is a bit too big!
plus you modifyed that .htaccess so badly that you even broke it
Code:
RewriteCond %{HTTP_REFERER} !^$
this means that users with no referrers won't be redirected
if they have ZangoToolbar. Why would you want that ?
Code:
RewriteCond %{HTTP_REFERER} !^http://(.*@)?([a-z0-9-]+\.)*yourdomain\.com(:[0-9]+)?(/.*)?$ [NC]
yourdomain.com\.com(:[0-9]+)? makes no sense either because in mod_rewrite language it means:
"the url might be of the form yourdomain.com:135" or any other group of digits
Is that a new tld extension ?
Using stuff like (.*@)?([a-z0-9-]+\.)* is overkill when you can simply use (.*)? which will match anything. |
First off, I don't surf gfy, I think I probably have one post there. I never saw your post, I didn't know about your solution, but, I don't see that there is any other way to do a webmaster friendly solution without doing it this way.
So, any similarity is just two people coming up with the same answer for the same problem. I got involved with this from a code perspective yesterday morning after seeing what Greenguy and Jim had done and came up with a solution that was a little more robust and flexible than their first version.
As for allowing the empty referrer, surfers use privacy software which blocks the referrer. Using your example .htaccess, if a surfer running privacy software hits your site, they get redirected to dark5.com, but, since they don't set a referrer, how do they get to click on the link back to your site? Try it in firefox, go into about
:config and change network.http.sendRefererHeader to 0 and you should get stuck in the loop. (unless that should be a 3 to not send the referrer -- their config values are a bit cryptic and I didn't test firefox to verify)
It seemed to be a compromise that affected the fewest number of people.
As for properly supporting RFC3986 uri constructs, call me guilty. Ray Morris from StrongBox/bettercgi developed those when we were dealing with hotlinking with a bit of input from the board to make sure that any valid url construct would be covered, but, mangled urls would not be allowed access. I merely copied known tested, valid and working url constructs that absolutely supported every condition we threw at it ages ago.
Code:
RewriteCond %{HTTP_REFERER} !^http://www.yourdomain.com.*$ [NC]
Imagine someone bookmarking a members area as http://user:password@www.yourdomain.com/members or someone surfing from a subdomain of http://www4yourdomain8com.someother.info. The members area one would be redirected, whereas the person surfing from someother.info would be granted access.
If a surfer hits http://yourdomain.com/ -- they would be redirected for not having the www.
I still support the .htaccess the way that it was written in part to conversations held directly with Greenguy and Jim and in part due to conditions I thought of that would unnecessarily complicate issues for a surfer. As you have mentioned the javascript back button doesn't make sense, and that was addressed yesterday in private conversations with Greenguy and Jim as were a number of other issues that haven't been raised yet.
I'll state for the record right now that I didn't take your idea and today is the first that I even knew about it. I commend you for coming up with a solution prior to there being demand.