• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

XF 1.5 Clarification on new config.php option

Rudy

Well-known member
#1
I just noticed this in the 1.5.6 upgrade, but had no luck here doing a search to find out where this might have been a problem:
  • A new config.php option $config['enableReverseTabnabbingProtection'] has been added to allow you to disable the reverse tabnabbing protection that was added in a recent version. The reverse tabnabbing protection can interfere with some services that manipulate link targets (for example, to include affiliate links). While disabling this removes the protection, the trade off of lost revenue may be worthwhile.

So, how exactly will this work? Would I set this to "off" or "0" to make certain revenues are not lost?
 

Rudy

Well-known member
#3
Excellent, thanks!

Looking at my stats with a couple of affiliate programs, I do see a drop in revenues starting on the day I did the upgrade. Had I known...
 

Fred.

Well-known member
#4
When there is nothing in the config.php about this it's on right? Or do I have to add
Code:
$config['enableReverseTabnabbingProtection'] = true;
to enable it?
 

Rudy

Well-known member
#6
One suggestion I'm going to make (if it hasn't been done already) would be to include a default config.php file as they do now, but have all of the config options listed, and commented out. Most Linux packages I've worked with recently have done this, and seeing a configuration file with 1) all of the options listed and the optional ones commented out, and 2) comments to tell us what they all do, would be helpful. I'll tidy up this idea and post it tomorrow in Suggestions when I'm more coherent.