BUG WATCH! - If you see a bug report it here!

[Dan Q]

Two suggestions:

Update advice on "surf no embed" page?

The Surf Navigator's "I can't embed this in a frame" page contains the following text:

If you are the site owner, you'll need to enable "X-Frame-Options: ALLOW-FROM" in your web server configuration to fix this error!

This is probably outdated advice. The ALLOW-FROM directive isn't supported by any modern browser except Firefox for Android. People should probably be pointed in the direction of Content-Security-Policy: frame-ancestors instead.

Update backend code detecting non-embedability?

Possibly the backend code is also looking for this header, too, in order to set up the allowsEmbed attribute in surfClubSites.json?

If both an X-Frame-Options: and a Content-Security-Policy: header are present, and the Content-Security-Policy: header contains a frame-ancestors directive, then the latter takes precedence!

For example, https://danq.me/ exposes the following headers:

Code

X-Frame-Options: SAMEORIGIN
Content-Security-Policy: [...] frame-ancestors 'self' https://melonland.net; [...] 

These headers say:

• If a browser understands only the X-Frame-Options: header, only allow danq.me to load danq.me in a frameset
• But if the browser understands the more-modern Content-Security-Policy:, also allow danq.me to be loaded in a frameset by melonland.net

That latter directive ought to make the surf navigator work. In fact, it does, if I manually hack the src of the <iframe> with my debugger (you can try this yourself by going to https://melonland.net/surf-navigator?site=3133 and repointing the <iframe> from small-pages/surf-no-embed.html to https://danq.me/ - it should work)! But I'm guessing that the backend code is seeing my "fallback" X-Frame-Options: SAMEORIGIN and disallowing it from being shown?

Hope that all makes sense. Sorry I keep making work for you!

[KiwiMeowo]

When I post a reply with a quote in a forum and get alerted by the "quote is too long" warning, I couldn't edit the message until I refresh or click preview.

[Dan Q]

Since the HTTP compatibility changes, the "click here" (to approve or deny their request) link when somebody sends you a buddy request is broken. It looks like the link was a scheme-neutral one (beginning //) but has accidentally been preprended with a scheme and domain, resulting in links that look like this:

Code

<a href="http:////forum.melonland.net///forum.melonland.net/index.php?action=profile;area=lists;sa=buddies;u=3133" class="bbc_link" target="_blank" rel="noopener noreferrer">Click here</a> to approve or deny their request.

Or else possibly a double-escaping issue.

[Melooon]

Since the HTTP compatibility changes, the "click here"

Possibly fixed! Thanks for reporting this one, I suspect there will be a few bugs like this - I think its because the PM you receive is going through normal text processing, but its using an internal server address, I suspect any server-sent-PM might have this issue, but buddies might be the only subsystem to do that?? Unless guilds do them too?

[larvapuppy]

@Melooon I can confirm that the guild requests do the same thing!

[ABlueRose]

Something seems to be wrong with the RSS feed for the forum. Even after re-adding the forum to my reader, I haven't gotten any updates since December 2nd (I am pretty new to using RSS feeds though, so sorry if I'm doing something dumb on my end!)

[Dan Q]

Something seems to be wrong with the RSS feed for the forum. Even after re-adding the forum to my reader, I haven't gotten any updates since December 2nd (I am pretty new to using RSS feeds though, so sorry if I'm doing something dumb on my end!)

What's the URL you're using for the feed?

There's an RSS feed at https://forum.melonland.net/index.php?action=.xml;type=rss;limit=15 and it looks valid to me, and the most recent post matches with what I'd suspect is the most-recent post.

There's an Atom feed at https://forum.melonland.net/index.php?action=.xml;type=atom;limit=15 which  seems not to validate... but I think the validator's wrong: the feed content looks okay to me, and I just tested it in a feed reader and it seemed to work. And it still showed what I'd expect to be the most-recent post.

But possibly you're using a feed from some other URL?

[Melooon]

There's an Atom feed at

I have had issue's where the atom feed will randomly stop updating for me too; its like there something that glitches it out every now and then and the only way to fix it is to delete the feed from my reader and re-add it a few days later. I've never really figured out the issue though, it must be a fault in every SMF forum since we are running standard feed code

[Melooon]

Something seems to be wrong with the RSS feed

I issued some fixes and did some testing; I suggest you remove and re-add the feed from here - be sure not to use the atom link since it seems to be buggy!

(ALSO: if you are using an older feed reader you can now access the feed vita HTTP instead of HTTPS - this may help some people!)

Lemmy know if you run into future issues

[MediocreMetastasis]

This is a very odd issue but whenever I leave the forum page open in a tab and I restart my browser I get pinged notifications for alerts I have already seen and viewed.

[Dan Q]

This is a very odd issue but whenever I leave the forum page open in a tab and I restart my browser I get pinged notifications for alerts I have already seen and viewed.

This'll be because new alerts get picked up by each tab, but alerts that you click on only trigger an event in the current tab. And your browser is caching the DOM. I guess.

It'd probably be a huge pain for @Melooon to implement a solution for (I'd guess), requiring additional checks in the "do I have alerts?" callback. Refreshing the page should make them go away (because you've already viewed them). Telling your browser, if possible, not to cache the DOM for left-open tabs will also work, but with a performance hit (it'll have to load pages you already had-open when you restart your browser, rather than just showing it in its previous state).

[ABlueRose]

What's the URL you're using for the feed?

There's an RSS feed and it looks valid to me, and the most recent post matches with what I'd suspect is the most-recent post.

There's an Atom feed at https://forum.melonland.net/index.php?action=.xml;type=atom;limit=15 which seems not to validate... but I think the validator's wrong: the feed content looks okay to me, and I just tested it in a feed reader and it seemed to work. And it still showed what I'd expect to be the most-recent post.

I issued some fixes and did some testing; I suggest you remove and re-add the feed from http://forum.melonland.net/index.php?action=.xml;type=rss;limit=15 - be sure not to use the atom link since it seems to be buggy!

Lemmy know if you run into future issues

That was the issue! I didn't realize there was two feeds, and I was using the atom feed. Thank you so much, both of you!!!