Recent Microsoft Update breaks FM solutions!!!

[ibiubu]

I am not sure if other users have done this, but there are times that I want to direct users to a specific DB record using a redirect script in my web pages. I use a redirect script or inline action. This then includes all the information such as -db, -format, -find and etc. The user then goes to the page containing this redirect, the script then redirects them to what I want them to see. Easier than me trying to provide them with a long URL. Cleaner than having to put a link on the page and make them click.

Anyway, you can forget about doing this anymore. Microsoft just released a update Feb. 10th that makes changes to explorer on the PC. Anyone that applies this update will see a error page under the above scenario.

In other words, I have a couple of solutions that I host a blank page with my ISP provider. My clients go to that URL, that blank page loads, and they are re-directed to my internal FM server. Not anymore. With this new update installed, the user is not redirected, they just see a error page now.

Got to love Microsoft when they take it upon themselves to dictate what they think should and should not be internet standards. Now i wil have to re-do a lot of my pages.

LR

[ibiubu]

I have a thread going in CDML. But just in case, here is what MS did.

I have confirmed that anyone who uses the latest MS critical update will no longer be able to access URL's that contain username and password (http://username:password@domain/FMPro?...). This will affect FM developers that try to use this type of URL in any way in their solutions.

Got to just love Microsoft. Here is what they say users should do if they still want to include username and password information in URL's, and I quote:

"If users typically type HTTP or HTTPS URLs that include user information in the Address bar, or click links that include user information in HTTP or HTTPS URLs, you can work around this new functionality in Internet Explorer in two ways:

1. Do not include user information in HTTP or HTTPS URLs.

2. Instruct users not to include their user information when they type HTTP or HTTPS URLs."

What a great NON-SOLUTION they are providing us. I love how they say we can "work around" this issue by telling us to just not use this practice anymore.

Larry

[Steve T.]

Hi, ibiubu! I don't have access to a newly-updated Windows system so cannot check, but I'm not sure I understand exactly. For the redirect, are you using the META REFRESH tag for this?

<META HTTP-EQUIV="Refresh" CONTENT="1; URL=http://www.myserver.com">

Hmm.. this seems strange. They make it to your server (FMP error message) but the action (-find, -new, -edt, etc.) is not performed correctly. Can there be some kind of URL character maximum now that does not allow large strings and your action is getting cut off and not processed? Maybe shorter URLs will still work, in which case you could reduce your parameters... just a thought.

If this is true, I'm sure lots of folks will have to re-work solutions. IE Windows is by far the most common browser.

--ST

[Steve T.]

Ooops! You got the answer before I finished (stopped to get lunch). Nevermind.

--ST