Yahoo: Auto Login 09.06.28 (edit! multi) [sd] (o.s)
|
Oct. 14, 2011, 10:49 AM
Post: #1
|
|||
|
|||
Yahoo: Auto Login 09.06.28 (edit! multi) [sd] (o.s)
has anyone else experienced intermittent issues with the Yahoo Auto Login? cache is clear BEFORE the auto login is attempted, login fails, continues to fail until you clear the cache AGAIN...
|
|||
Oct. 14, 2011, 05:58 PM
Post: #2
|
|||
|
|||
RE: Yahoo: Auto Login 09.06.28 (edit! multi) [sd] (o.s)
After it fails, does http://www.yahoo.com/ show you to be logged in?
Mine is based on sidki's. Last failures were caused by a Yahoo mail redirect to some kind of "Welcome" page. Logging in normally and completing the "Welcome" 'fixed' things. |
|||
Oct. 14, 2011, 07:42 PM
Post: #3
|
|||
|
|||
RE: Yahoo: Auto Login 09.06.28 (edit! multi) [sd] (o.s)
it's intermittently "not" logged in a half a dozen times earlier today, but now that i *WANT* it to "not" log in, it's logging in
i'll monitor it over the next couple of days and see if it "fails" to log in again... it's like finding a rattle in a car door, the rattle stops as soon as you let someone else drive and you're sitting in the passenger seat to track down the rattle... |
|||
Oct. 16, 2011, 08:59 PM
Post: #4
|
|||
|
|||
RE: Yahoo: Auto Login 09.06.28 (edit! multi) [sd] (o.s)
(Oct. 14, 2011 05:58 PM)JJoe Wrote: After it fails, does http://www.yahoo.com/ show you to be logged in? nope, not logged in... i'm landing here - http://https-px-.login.yahoo.com/config/...m&.intl=us and the form on the right for ID and password is empty... i can "refresh" a hundred times and it remains empty and no login... clear the cache, refresh again, auto-login works... |
|||
Oct. 16, 2011, 09:52 PM
(This post was last modified: Oct. 16, 2011 09:55 PM by Graycode.)
Post: #5
|
|||
|
|||
RE: Yahoo: Auto Login 09.06.28 (edit! multi) [sd] (o.s)
I don't know if it matters to Proxo but ... In the past month I've seen multiple SSL vs. Non-SSL conflicts happening at Yahoo.
For example there's been regular GET requests (not SSL CONNECT) targeting port :443 Code: login.yahoo.com:443/?.intl=us Maybe it's not related to your issue in Proxo, or maybe it is. Either way something's recently broken at Yahoo irregardless of Proxo. In my case I don't allow non-SSL to target port :443, and there's only a few instances where I'll allow an SSL CONNECT to target a port other than :443. |
|||
Oct. 16, 2011, 11:17 PM
Post: #6
|
|||
|
|||
RE: Yahoo: Auto Login 09.06.28 (edit! multi) [sd] (o.s) | |||
Oct. 17, 2011, 12:42 AM
Post: #7
|
|||
|
|||
RE: Yahoo: Auto Login 09.06.28 (edit! multi) [sd] (o.s)
(Oct. 16, 2011 11:17 PM)ProxRocks Wrote: "how" ? I don't know about Proxo. It's something I inforce in my proxy, which is not Proxo. You know there's a lot of open ("public") proxy instances out there. For normal SSL they might receive something like: Code: CONNECT www.example.com:443 HTTP/1.1 But now consider when one of those proxies receives something like this: Code: CONNECT 127.0.0.1:445 HTTP/1.1 A more connom scenario would be something like: Code: CONNECT www.example.com:25 HTTP/1.1 I consider TCP port :443 to be strictly for SSL CONNECT and deny (block) its use for non-SSL. Then I restrict the SSL CONNECT to only port :443, with an exception list for a few destinations in a non-standard usage. An example exception would be where I allow tunneling of MS Messenger IM on :1863. Another example would be one of my routers that I can access its configuration with SSL via a non-standard port. If, as in this case, some Yahoo page generates a non-SSL GET request to port :443, then I just say no. Activity like that would often be for malicious intent. But in Yahoo's case it's probably bugs in some HTML generator they wrote & recently modified. An HTTP GET is not a CONNECT, even if it misleadingly specifies :443 Code: GET login.yahoo.com:443/?.intl=us HTTP/1.1 I only brought this up in case it has something to do with the issues you're having with Yahoo login. |
|||
Oct. 17, 2011, 04:44 PM
Post: #8
|
|||
|
|||
RE: Yahoo: Auto Login 09.06.28 (edit! multi) [sd] (o.s)
(Oct. 16, 2011 08:59 PM)ProxRocks Wrote:(Oct. 14, 2011 05:58 PM)JJoe Wrote: After it fails, does http://www.yahoo.com/ show you to be logged in? Filter is probably missing, assuming you don't see Quote:Submitting your Yahoo data... Assuming that the miss is due to excessive code, clearing the cache gets you different and less code. Try putting this Code: [Patterns] on top of the auto login filter. It should remove a large amount of code. The code should be reinserted, if the auto login filter fails. If this doesn't fix things, I'll need some souce code. HTH |
|||
Oct. 17, 2011, 04:46 PM
Post: #9
|
|||
|
|||
RE: Yahoo: Auto Login 09.06.28 (edit! multi) [sd] (o.s)
(Oct. 16, 2011 11:17 PM)ProxRocks Wrote:(Oct. 16, 2011 09:52 PM)Graycode Wrote: In my case I don't allow non-SSL to target port :443 Maybe Code: [HTTP headers] ? |
|||
Oct. 17, 2011, 10:43 PM
Post: #10
|
|||
|
|||
RE: Yahoo: Auto Login 09.06.28 (edit! multi) [sd] (o.s)
(Oct. 17, 2011 04:44 PM)JJoe Wrote: Try putting this...on top of the auto login filter. It should remove a large amount of code. The code should be reinserted, if the auto login filter fails. thanks, will give that a try and report back in a few days if it seems to solve the intermittency or not... |
|||
Oct. 19, 2011, 03:44 PM
Post: #11
|
|||
|
|||
RE: Yahoo: Auto Login 09.06.28 (edit! multi) [sd] (o.s)
that seems to have solved it, i haven't had any intermittent misses
|
|||
« Next Oldest | Next Newest »
|