NFo control panel node.js library

This is used for general discussion that is not necessarily server-related.
User avatar
Edge100x
Founder
Founder
Posts: 12945
https://www.youtube.com/channel/UC40BgXanDqOYoVCYFDSTfHA
Joined: Thu Apr 18, 2002 11:04 pm
Location: Seattle
Contact:

Re: NFo control panel node.js library

Post by Edge100x »

It's certainly an interesting Firefox bug. Hard to say what triggered it, but if you have it on other pages, we can change those links, too.
Naleksuh
This is my homepage
This is my homepage
Posts: 298
Joined: Thu Jul 25, 2019 12:35 am

Re: NFo control panel node.js library

Post by Naleksuh »

Pretty much any link before a certain time period is http:// link. I haven't pointed them out because they redirect and because NFO uses HSTS, but there's a lot of them.

Why not simply use relative paths/protocols?

<a href="/support">NFO support system</a>
<a href="//forums.nfoservers.com">NFO forums</a>

Edit: Browsers usually warn you when submitting a form to http://. Probably the reason there was no warning on NFO was because of the HSTS.
User avatar
Edge100x
Founder
Founder
Posts: 12945
Joined: Thu Apr 18, 2002 11:04 pm
Location: Seattle
Contact:

Re: NFo control panel node.js library

Post by Edge100x »

The form wasn't submitted via HTTPS. That was just a redirect after the submission.

Either type of link is fine. http:// links don't need to be supported nowadays and there isn't really a reason to support them with the generic //.
Naleksuh
This is my homepage
This is my homepage
Posts: 298
Joined: Thu Jul 25, 2019 12:35 am

Re: NFo control panel node.js library

Post by Naleksuh »

Yes, that's what I meant to say. Submitting the form to http:// was what broke HTTPS-Only mode. And, submitting a form to http:// usually has the browser trigger a warning, but it might not have because NFO has NSTS so the browser would have sent it to https:// anyway.

Thank you for fixing the link.
User avatar
Edge100x
Founder
Founder
Posts: 12945
Joined: Thu Apr 18, 2002 11:04 pm
Location: Seattle
Contact:

Re: NFo control panel node.js library

Post by Edge100x »

Sorry, I meant that the form didn't submit to a HTTP link. It submitted to HTTPS, and it was handled properly. The HTTP redirect that it responded with just that -- a simple redirection.

When a client submits a HTTP request, our site automatically redirects to the HTTPS version, and that second redirect would normally have brought your client back to the regular, secure site. It would seem that some bug related to your browser's implementation caused the mechanism to fail, and this would have been the situation for the last several years.

Good thing no other customers apparently had the same setting enabled, I guess (or just never had an error with the login page). But good to have the correct redirection link in place.

(Can't use // for that redirect, of course.)
Naleksuh
This is my homepage
This is my homepage
Posts: 298
Joined: Thu Jul 25, 2019 12:35 am

Re: NFo control panel node.js library

Post by Naleksuh »

Could an administrator please close/lock this thread? I have not touched this library in nearly two years and almost all new posts to this topic are spam-bots which are flooding my email notifications.

To anyone in the same situation as me, you can pretty easily crawl NFO's control panel. I might make a new library (or NFo can make an official API) but for now there is no real reason for this thread to go on
User avatar
TimeX
Staff
Staff
Posts: 1730
Joined: Thu Jul 22, 2004 12:24 am
Location: Big Bear, CA

Re: NFo control panel node.js library

Post by TimeX »

We don't generally lock threads, in case anyone has something worthwhile to add to the conversation at some point down the road. I get that the notifications caused by spam bots can be annoying, but you should be able to just unsubscribe from the thread to stop that.
TimeX
Post Reply