TheHun is now showing all galleries in a frame.. isn't that a huge cookie issue?
 

All galleries are now shown in a frame.. and the frame stays there when you click any sponsor link on the galleries (unless you're smart ofcourse)

Isn't that a big problem? I mean.. as far as I know cookies can't be stored on a surfers computer from a frame?!?! This means tons and tons of sales not getting credited to the webmasters eh?

Yup pretty much what I thought too - however could be wrong.

Something to do with cookies not being able to be set if they are for a domain different to that the browser is on.

Would love to hear more info on this though.

Yep its looking like a dump site now :(

The aff links are still in tact though.

Click on a link and see where that takes you .....

One more thing this will prevent is tons of type in sales, because the surfer can't see the domain name of the site they're on..

Affiliate sales mostly come from links clicked... not cookies set.

Yeah, but the keyword is mostly.. the rest could very well be the ones making you profit

Takes me to the site but its still in an iframe.

Aff link was still intact.

It depends on your browsers settings and the sites headers. But chances of succesfully placing a cookie are in fact less, yes.

Pretty sure most companies are using more than just a cookie to track affiliate sales.

this is fucking up my cookie stuffing I do on the hun

Cookies won't be a problem. What it does generate is way more votes, Which should bring in some extra traffic, and the 'view more from this submitter', which brings more traffic still.

Plus, this is the first step in some more changes coming up. I'm sure you'll love 'em! Working hard getting that done!!

Should not change a thing to the old school site, just make something new and link to it.

Sounds like some risky shit to be doing on such a large site?

There is no problem with storing cookies from a frame.

I can see why Hun is doing it from his POV but, in my opinion, I would not keep the frame there after the second outgoing click to the sponsor from a gallery.

Oh, and I just removed the bar clicking the little X and now I never get it anymore but also can't set it to yes again?

cheers!

Clear Your Cookies :winkwink:

haha no!

erm - you're cookied as soon as your browser opens a site so if it loads from an iframe or not, users will still be cookied. If you create a gallery and have 200 iframes set at 1x1 pixel on it to sponsors, you will have effectively cookie stuffed.

Not seeing what the issue is here although the frame on the sponsor's site is a little off putting. The frame should get destroyed once on the billing page as most of them use frame buster scripts.

Cheers ...

I'm quite sure this will result in the loss of many sales. Not because of cookie issues but because they people don't like to sign up to something while being in a frame.
I know i wouldn't.
I wonder why he does this. As a paying submitter i would be pissed off.

nope... not true. lol.

the browser treats a page inside an iframe/frame the exact same as a normal page. in fact the only differences would be js related to the frame itself + parents. but cookies etc no change. this isn't something to worry about :thumbsup

Cookies will be set fine when it's loaded in a frame, bigger issue with cookies is that more and more people using privacy mode on their browsers so no cookie will be set anyway.

It generates a lot of traffic to other posts by the same submitter. We have the option to switch it off for people that are advertising g with us. But who minds people signing up for a gallery they submitted a month ago?

Don't be change-o-fobic people. Sure, some complain - surfers I mean, but we saw a boost in Facebook likes after this. And we see a boost in people's gallery traffic as well. Especially for the good ones that get voted in the top 8. I feel thehun has been stuck in 1995 long enough.

Did anybody who complaine after the last big Facebook upgrade cancel their account? But like all changes: we'll look at how it does. This far the results are great. I have no way of knowing why it'll do in the longer run, so we're keeping a close eye on things.

All feedback is appreciated.

If you clicked away the hunbar and opted to keep it that way for the rest of the day just check back tomorrow.

There is no way for me to open a sponsor link outside the hunbar. Either open it in a new window (so you don't loose the visitor) or set target to _top.

I love the new changes, although I have a tiny complaint.
I just can't stand that black bar going through the page, it hurts my eyes looking at it
http://www.thehun.net/images/shadebar.gif
Haven't heard anyone else complain about it though so maybe it's just me :-p

oh the hun.

The hun makes money from pre paid..... Errr wait..

What is the hun again? Is it a tube yet?

I can get rid of that ribbon... but we kind of had a neat idea with that... I'll throw some logo's at you that we're going to be using so you can choose!

Change it into a tube.

Apparently none of you kids ever heard of third party cookies or p3p headers? Trying to elevate the level of competence in here seems to be a sisyphean mission.

Give us the wiki on this, thanks.

Surfer and website = first and second party.

Different website in frame = third party.

Cookie from different website in frame = third party cookie.

Browsers with ability to filter third party cookies = basically all.

Surfers utilizing this feature = some.

Methods to mitigate some of the "loss" = P3P headers.

Paysites that use P3P headers = few.

Estimated cookie "loss" from using frames = small.

Claiming that frames do not affect cookies at all = false.

So some personal experience with this: 1., no sale made since the hunbar is on (maybe a coincidence, sales are low anyways) 2., my gallery for today received about 45.000 hits until now, 240 showed in ccbill as unique clicks and 4 "submits" (=form clicks, I believe, are unsuccessfull submits)

Maybe all of these are coincidences, maybe not. Just shared.

only allow oron links and watch your submissions and traffic explode. thank me later.

Well said.

:1orglaugh

The little popup at the end asking if you really want to leave the hun is going to help sales?

TheHun, while you're listening, do you mind fixing that "prioritize"-issue I posted on your forum but doesn't get answered?

Back on topic: I kinda like the "view more galleries from this submitter" link. Should bring in some extra traffic.

Well said, I would never signup for a sponsor still being in iframe and I know most of the people would not. For regular folk it seems fishy/shady. Thats the fact.
Iframe should be gone after user clicks sponsor link.

And now submit.thehun.net is not working, redirects to 404 :(

We're moving stuff to the new server right now. So some backend stuff might be down for a while. If it's down too long I will have to take my tech outside and beat him with a large stick. But hang in there with us.

Problem with a frame is that you can't change stuff if the code with jquery or JavaScript if the stuff isn't on the same domain. So I can't see if a user leaves for a sponsor. So that's something the gallery builders have to build in themselves. Not a biggie: add target='_top' and you're done.

I can see that the 'more from this poster' brings in more traffic to the posters. A lot more now it's in the bar (it was on thehun.net/new.html only).

A cookie set in a frame will be exactly the same as if it wasn't set from a frame, but from a full page. Cookies are set for a domain, not for a level of frame or something.

3rd party cookies are not usable. Many (if not all) people have that disabled by default. There is still a lot of paranoia about cookies... Some of it for good reason maybe. There are ways to transfer cookies between domains, but that requires some server side programming. Off topic though ;-)

Oh, I'll look at that prioritize stuff today. I thought I had that fixed. Apparently not.

IE, for example, will by default accept third party cookies only if the site sering the cookie uses a P3P compact privacy policy header.
In order to greatly increase acceptance of third party cookies, add a compact privacy policy. See:
http://www.softwareprojects.com/reso...side-1612.html

:thumbsup

You have got to be fucking kidding me. For the third motherfucking time, a frame is a third party object hence cookies set in a frame are THIRD PARTY COOKIES! Any stupid asshole can go Google it to prove you wrong. If you're not trying to manipulate people and it's your developer feeding you this bullshit, fire him on the spot.

p3p policies
 

Simply adding a compact header only gets you part of the way - you'll want to add a policy file to be sure everything's cool (IE8??).

It's should be easy enough to just throw a header in web server config and then add the necessary xml files - I use two, if you can figure out how to fit it in a single file... it's supposed to do that.

Apache conf:

Then a p3p.xml file:

Then your lovingly hand-crafted p3p policy file: (since all of the generation tools seem broken or just gone)

Not having appropriate policies in your program's traffic funnel can be a fun way to try to Gilette yourself a little extra change.

what's in a name...

I mean, if it's in a frame it's not really third party cookie, is it? If for instance thehun.net loads a frame from kinghost.com and kinghost sets a cookie thehun can't get to that cookie without some sort of server side code. So a domain can only get to the cookies it set itself. That's not really third party to me since a third party wouldn't be able to set a cookie for a second party... only on a frame on his own domain.

Now if this whole discussion is based on my literal translation of third party cookies and the term 'third party cookies' means that a domain, no matter how deep in frames it's hidden, can set a cookie on a computer you're right... that can easily be done. No problem

Ok, I think you're mixing things up. The problem is not security related, no modern browser allows domain A to read cookies set by domain B. The problem is privacy related.

When I visit domain A and domain A includes a page from domain B in a frame, domain B is considered a third party object by the browser, because I never requested domain B. Therefore domain B can be limited in its ability to set cookies, not just for domain A which it never can, but also for itself, domain B.

As I wrote earlier, I don't think it will be a major loss, but it's simply not true that is has no effect.

Oh that... I read that all over google ;-)

gotta love the hun! :thumbsup

"Third party cookie" is a technical term with a precise meaning and it's not what it sounds like. It does not mean a.com setting a cookie to be read by b.com. It means a cookie set by an image, frame, or other object on a domain different from the main page. Do if you frame a page, any cookie set by the framed page is called a third party cookie.

Third party cookies became interesting when ad networks starting using them. A.com would have a banner or frame from adtracker.com. B.com also runs a banner or frame from adtracker.com. With third party cookies allowed, adtracker.com could then track the user across both a.com and b.com. Privacy advocates didn't like that.