Fixed 403 Forbidden Error on Windows Phone for Private Forums

Sadik B

Well-known member
Steps to Reproduce
  1. On your Windows Phone, Go to any URL which needs visitor to be logged in. For a private forum, this would be any page. For xenforo.com for instance, this page http://xenforo.com/community/forums/bugs/create-thread needs you to be logged in.
  2. You will see a 403 Forbidden Error.
This is because in XenForo_ControllerPublic_Error, on line 87, the HTTP header response code is being set to 403:

PHP:
$view->responseCode = 403;

Windows Phone stops dead in it's track as soon as it receives the 403 Forbidden error response, thereby not showing the Login page and not giving the user the opportunity to Login.
 
The bug is actually more bizarre than that.

Testing with the emulator (WP7), it's actually specific to a non-200 responses (tested with 404 and 403) and the request being served gzipped. Even then, if you get the broken request and manipulate the URL (but to still throw the same code), it appears to work on the next page view.

I could potentially disable gzip in this situation within XF, though it's very common for the web server to do it anyway.
 
Actually you know what, it's not gzip -- it's the content-length header.

In my case, since the site I was working on was entirely private, I have temporarily fixed this by sending $view->responseCode = 200;

That is of course a bad workaround for non-private sites as they could be penalized by Google for duplicate content (the login page).
 
Top Bottom