Trying out something ‘bad’…


So, if you missed it… I was just playing with displaying a poll in the blog… don’t worry, I won’t make a habit of this :)… I did it using the spawn of evil an iframe… I’ve removed it now, the experiment is done… but it exposed an interesting problem. When viewed through the IFRAME IE’s default settings (well, my settings… I’m not sure if they are the default) blocked any cookies from that page, which meant that you could vote as often as you liked… hmm… not a good thing. Obviously a second-line of defense is necessary.

Comments (6)

  1. AndrewSeven says:

    Side note: I can’t see the text of the questions very well…

    IE version : IE 6.0.2800.1106.xpsp2.030422-1633

  2. iframe in an rss feed? BAD BAD BAD man!

    Newsgator showed that as a blank rss feed item 🙂

  3. AndrewSeven says:

    Now its ok, maybe my eyes are broken.

  4. AndrewSeven says:

    Just spotted your email.

    All better now, my eyes were not broken.

  5. Steve says:

    With the non-SP2 version of IE, your cookies would only be blocked if the poll is run on a different domain, and you didn’t declare a P3P privacy policy.

    Perhaps you can fix this problem in SP2 by declaring a p3p header?

  6. Pete says:

    The unlimited voting aspect should be brought to the attention of the Florida Electoral college. Perhaps they can @)#$-up this years election with it instead of boring us with unattractive hanging chads!