How do I forbid zend debugger from using cookies? - zend-debugger

It's causing lots of trouble,the cookies are not cleared after debugging!
how can I make it only use $_GET parameters?

I was also having this problem with the debugger in Eclipse. I found that you can disable cookies on your browser to fix this. If your browser allows site only exceptions, like Google Chrome, you can block it just for your dev site without disturbing other site cookies.

Related

Google Docs Redirect 301 error

Google Drive 301 redirect problem in both Internet Explorer 9.0 and Google Chrome.
How to download and recover my documents back?
Error details:
The webpage at https://docs.google.com/nonceSigner?nonce=7cb3t4occcafo&continue=https://doc-14-bg-docs.googleusercontent.com/docs/securesc/i5n0sn4aobda0j320f46k73eteiillh3/plshk64l31ed2qevsqk23j88fdobcn2g/1342972800000/16921087564105121353/16921087564105121353/0B4IwZnOWxZeUMUdqOG9iU2dRT3VGMm82aDdWNUV3QQ?e%3Ddownload%26hash%3Dhhjr1n96p6fbnep6l9cudvmg5ec7jr43%26nonce%3Db1573nhruskb0%26user%3D16921087564105121353&hash=f23l5btt5380bvi1fh63om23i6m3t5t4 has resulted in too many redirects. Clearing your cookies for this site or allowing third-party cookies may fix the problem. If not, it is possibly a server configuration issue and not a problem with your computer.
Here are some suggestions:
Reload this webpage later.
Learn more about this problem.
I have experienced this in Chrome, IE, and Firefox when trying to download files from Google Drive. Disabling extensions & incognito didn't solve this for me, but I was able to find a workaround by using the Google Drive Desktop app.
https://tools.google.com/dlpage/drive
Hope that helps!
Based on a hint on cookies on Google forums, I found a solution:
By allowing Google to set cookies, the problem disappeared for me. Chrome settings > Advanced > Content settings ... > Cookies > Manage exceptions. Allow:
https://[*.]google.com:443
https://[*.]googleusercontent.com:443
The rule could be more specific but this works. I hope this helps. I had non-default cookie restrictions.

Google Chrome prompts for username/password even though page doesn't request it

I previously set a directory on my web server to require a username/password during development phase. I have since removed the .htaccess file to remove the password, I have also checked the cPanel to make sure there are no settings for a user/password.
Despite this, Chrome keeps asking for a username/password. If I click Cancel, the page continues to load anyway.
This only happens on Chrome Windows and Mac. I have cleared the entire cache for Chrome but to no avail. I am not able to replicate the problem on Firefox 4 or Internet Explorer 9.
I figured it out. I was silly enough to have left the URL pointing to a domain which does ask for a username/password but the domain it was pointing to was for the development site. Not sure why the other browsers didn't do the same thing but updating the base href has solved the problem.

Disabling pop-up of secure and non-secure content in Internet Explorer

I have few images on a web page which are fetched from HTTP server while whole web page is on HTTPS. So in Internet Explorer 7 and 8 I get this pop up:
This page contains both secure and non-secure items
Majority of users use Internet Explorer. Somehow they are getting worried about this pop-up. Even though I told some of the users about settings in IE, I dread telling everyone.
Does anyone know how I can disable this pop-up through JavaScript or any other way where the control will be in my hands?
You can't disable the popups. If you could, that's what the bad guys would do, and then there'd be no point to the security popup.
Move your images to your secure server, and the popups will go away because there's nothing being served unsecurly on a secure page.
No you cannot disable it. It is a security feature of the browser. It prevents possible cross site scripting XSS for secure sites.
Your best bet is to host all images, css, javascripts, etc from the secure server also.
Go to internet explorer-tools-security tab-custom level-scripting-active scripting-disable.
This should solve the problem

Is it possible to set a cookie from a browser plug-in?

Do browser plug-ins, such as the Yahoo toolbar or others, have the ability to set cookies on multiple domains as the user browses the web? Does the browser expose the necessary access to do this to a plug-in? If this varies across browsers, that would be helpful to know as well.
Thanks!
Cookies are stored in files and real plugins (i.e. ones using NPAPI rather than the browser's addon/extension engine) can read/write files. Hence, it's possible to do for any browser this way, although not really straightforward.
Firefox exposes cookies even to addons since there are cookie editor addons (that can edit cookie for any site).
Chrome/Chromium allows setting of cookies through "content scripts" that run in the context of a page (any page) - that's only in the beta branch so far, but soon to be in stable. However, the downside is that you might have to visit the site for it to work (you could fake that using iframes).
No idea about Opera.
The only one I have found that works quite well for creating/updating/viewing cookies is Firecookie

How To Tell What Files IE Thinks Are "nonsecure"?

We have a CMS system whose web interface gets served over HTTPS. This works beautifully for Firefox, but when we load it in IE6 or IE7, it complains that "This page contains both secure and nonsecure items."
I've loaded the page in Firefox and checked with Firebug, and every connection seems to be going through HTTPS, as should be the case.
Is there any way to tell what is causing IE to throw this apparently spurious error?
Firefox has a number of bugs in mixed content detection. Generally you should try using Fiddler to spot insecure resources.
If you install a tool I wrote (www.bayden.com/dl/scriptfreesetup.exe) you will get a different mixed content prompt which shows the exact URL of the first insecure resource on the page. That tool is basically a prototype and you should uninstall it when you're done with it.
Use Fiddler to watch the traffic between the server and IE.
Be sure to go to Tools > Fiddler Options... > HTTPS > and check 'Decrypt HTTPS traffic'
Any non-HTTPS traffic generated between any server and IE should be easy to spot in the Web Sessions list.
I used Eric's tool (thanks Eric you saved me hours...) and it turns out that IE6 treats a background image specified with a relative path as nonsecure content. Even though it actually requests it over https. So if you're stumped - converting your relative paths to absolute ones might really help...
Are one or more resources (CSS url-image ref overlooked easily) pointing to a subdomain that's not covered by the certificate (https://www.example.com vs https://static.example.com)?
If you can't see anything that isn't using SSL, then this is usually down to a broken SSL certificate somewhere. I don't know of anything off-hand that will tell you what exactly what the problem is, but you can get a list of everything that's loaded easily enough.
The media tab on Firefox's 'page info' dialog (right click on the page) will do it, it might also be worth having a go with Fiddler (which is an excellent, and extremely useful piece of software).

Resources