On Tue, 01 Mar 2011 03:14:01 -0500, Jeremy Henty <onepoint@starurchin.org> wrote:
Benjamin Johnson wrote:
The default is not to allow automatic requests (such as redirects) unless they're from the same domain. Frankly I think this is a stupid default, because even though it's a little more secure, it also breaks most real world sites.
I agree. The default even breaks Google. No doubt the security concerns are real but we need a solution that is not so bad for usability. Does anyone know if other browsers take similar precautions, and what their algorithm is?
Regards,
Jeremy Henty
Opera has Tools -> Preferences -> Advanced -> Network -> Enable automatic redirection, which looks to be the same as the dillorc option, but enabled by default. There's no special algorithm, as far as I know. Regards, ~Benjamin