Quote:
Originally Posted by pseudonym
|
It must be my browser spoofing that messes up something in the scripts (the actual browser is not on the accepted list)
Code:
Request #286
GET http://a.webwise.net/services/OO?op=in&success_url=http%3A%2F%2Fwww.webwise.com%2Fprivacy%2Fopt%2Fin-confirm.html&fail_url=http%3A%2F%2Fwww.webwise.com%2Findex.php&already_url=http%3A%2F%2Fwww.webwise.com%2Findex.php
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)
Accept-Charset: utf-8;q=0.9,utf-16;q=0.5,ISO-8859-1;q=0.7,*;q=0.6
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Response #286
Status 403; http://a.webwise.net/services/OO?op=in&success_url=http%3A%2F%2Fwww.webwise.com%2Fprivacy%2Fopt%2Fin-confirm.html&fail_url=http%3A%2F%2Fwww.webwise.com%2Findex.php&already_url=http%3A%2F%2Fwww.webwise.com%2Findex.php
Server: Apache
Connection: close
Date: Sun, 03 Aug 2008 22:28:08 GMT
Content-Length: 213
Content-Type: text/html; charset=iso-8859-1
P3p: CP="NOI DSP LAW CURa DEVa TAIa PSAa PSDa OUR STP BUS UNI COM NAV INT"
I can visit the success_url. Browser gives me the same message I see on the home page: "line 179:Null value" which I assume is the ISP sniffing or some other testing.
However, if I use Safari as a browser, I do get an a.webwise.net cookie for opted in but a .webwise.net cookie for opted out. And I am not on the phorming three either.
Conclusion: Not all browsers are equal, even when you spoof them to be an accepted browser through the useragent.