XF 1.5 Clarification on new config.php option

Wildcat Media

Well-known member
I just noticed this in the 1.5.6 upgrade, but had no luck here doing a search to find out where this might have been a problem:
  • A new config.php option $config['enableReverseTabnabbingProtection'] has been added to allow you to disable the reverse tabnabbing protection that was added in a recent version. The reverse tabnabbing protection can interfere with some services that manipulate link targets (for example, to include affiliate links). While disabling this removes the protection, the trade off of lost revenue may be worthwhile.

So, how exactly will this work? Would I set this to "off" or "0" to make certain revenues are not lost?
 

Fred.

Well-known member
When there is nothing in the config.php about this it's on right? Or do I have to add
Code:
$config['enableReverseTabnabbingProtection'] = true;
to enable it?
 

Wildcat Media

Well-known member
One suggestion I'm going to make (if it hasn't been done already) would be to include a default config.php file as they do now, but have all of the config options listed, and commented out. Most Linux packages I've worked with recently have done this, and seeing a configuration file with 1) all of the options listed and the optional ones commented out, and 2) comments to tell us what they all do, would be helpful. I'll tidy up this idea and post it tomorrow in Suggestions when I'm more coherent.
 
Top