The Blogger HTTPS Redirection, a recently added feature in Blogger security, may be a similar Blogger magic trick - and a possible problem. Some browsers treat websites with multiple redirects as possibly malicious.
Private blogs, accessed through the Blogger / Google interstitial login, may also complicate HTTPS Redirection.
Interstitial webpages may pop up like magic, where you (or your prospective viewer) would least expect them.
- In front of a "private" blog, where you have to identify yourself to continue.
- In front of a blog that contains (or is reputed to contain) objectionable material (naughty pictures or such).
- In front of a blog that is (or appears to be) published off site.
- In front of a blog that has been blocked, for TOS violation, or maybe for hosting hacking content.
One of the problems with HTTPS Redirection may involve private blogs.
To access a private blog, you must be identified.
To access a private blog, one must be logged into Blogger, using an account that is a member or owner of the blog.
Both of those displays come after the link to the blog - and before the blog is viewed. They are called "interstitial" webpages.
If you try to access a private blog, and are not a member / owner, you should see the well known Blogger / Google interstitial login webpage. In order to check that you are a member / owner, the infamous Google Login Cookie must be accessed.
The Google Login Cookie, created under the Google login sequence and accessed from a Blogger display, is a "third party" cookie. If the browser blocks "third party" cookies, as many do, the browser may refuse access to the private blog - even if the prospective reader is logged in to Blogger, as a member or owner.
If third party cookies are not blocked, too many redirects may present a problem.
If third party cookies are not blocked, some browsers may still have a problem - too many redirects. Some browsers may object to multiple redirects to other websites - as possible malicious content. A redirect to an interstitial display, following the "HTTP to HTTPS" redirect, may be one too many redirects.
The mysterious Blogger "private blog" interstitial display, which lets people login to a private blog when necessary, may contribute to the "too many redirects" problem, for browsers which are sensitive to multiple redirects. Even if a private blog member / owner is logged in properly, the interstitial display is still involved, in checking for proper login - and this is where the infamous "third party" cookie is involved.
You may need to adjust your security settings, for best results.
If you are trying to access a private blog - and you see "This blog is open to invited readers only", or you are forced to login, again (!!), you will need to check and correct your cookie filters. You might want to similarly check and correct your script filters.
Please remember that the filter that is affecting your private blog access - whether cookie or script - may not be part of your browser native settings. Check thoroughly.
One of the challenges involved with the recently added #Blogger "HTTPS Redirect" may involve private blogs, and the Blogger private blog interstitial login. "Third party cookie" filters, and the Blogger private blog interstitial login, will complicate this problem.
https://productforums.google.com/d/topic/blogger/WiR84_IRF8w/discussion
0 comments:
Post a Comment