• Chrome and passing on cross-origin

    From The Doctor@21:1/5 to All on Sat Oct 17 02:59:37 2020
    XPost: comp.lang.javascript, comp.infosystems.www.authoring.misc

    Anyone familiar with

    https://developers.google.com/web/updates/2020/07/referrer-policy-new-chrome-default/

    ?

    I have a PHP session that uses this JavaScript snippet:

    <script
    src="https://code.jquery.com/jquery-3.3.1.js"
    integrity="sha256-2Kok7MbOyxpgUVvAk/HJ2jigOSYS2auK4Pfzbm7uH60="
    crossorigin="anonymous"></script>
    <script>

    If I read google developers correctly, I might have to
    change this snippet.

    What is the path of least resistance to accomplish this change?
    --
    Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
    Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising!
    Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b BC save the Province; on 24 October 2020, vote Liberal and not NDP!

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From The Doctor@21:1/5 to tno@thenewobjective.com on Sun Oct 18 12:37:04 2020
    XPost: comp.lang.javascript, comp.lang.php, comp.infosystems.www.authoring.misc

    In article <2924c70d-67bd-468a-a480-bd1741bb1158n@googlegroups.com>,
    Michael Haufe (TNO) <tno@thenewobjective.com> wrote:
    On Saturday, October 17, 2020 at 5:27:21 PM UTC-5, The Doctor wrote:

    Some good hints but no dice on the page yet.

    What does that mean? Are you getting a warning?

    According to one programmer they are getting error 500.

    I am using nginx

    Here are two lines in the configuration:

    #add_header Content-Security-Policy "default-src 'self'; script-src 'self' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com; style-src 'self' https://fonts.googleapis.com https://assets.zendesk.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com; object-src 'none'";
    ##add_header Referrer-Policy "strict-origin-when-cross-origin";

    These are commented out for a reason.

    Here is the page in question

    ----------------------- Start here ----------------------------------------

    <?php session_start();?>
    <!DOCTYPE html >
    <html lang="en">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Professional Development Solutions - Online Form</title>
    <meta name="description" content="PD Solutions is an educational company that delivers on-line webinars and webcasts to various organizations or people" />
    <meta name="robots" content="index, follow" />
    <link rel="stylesheet" type="text/css" href="css/css.css"/>
    <link rel="stylesheet" type="text/css" href="css/css2.css"/>
    <!--meta http-equiv="Content-Security-Policy" content="default-src 'self' *.nk.ca *.nl2k.ab.ca; img-src https://*; child-src 'none'; script-src code.jquery.com ; report-uri https://www.nk.ca/dbusername/csp-reports/ "-->
    <script >

    <?php
    $connect = mysqli_connect("server", "dbusername", "dbpasswd","dbusername") or die ("Cannot connect");
    //mysqli_select_db($connect,"dbusername") or die("Cannot select database");


    /////////////////////////Filtering Generes////////////////////////////////////////

    $jresult = mysqli_query ($connect,"SELECT sessions.sessionid FROM sessions WHERE sessions.sessionid > 986 ORDER BY sessions.sessionid ") or die('cannot show tables');
    $getcount = mysqli_query ($connect,"SELECT COUNT(*) FROM sessions");


    function load()
    {
    window.status = " "
    }

    function count(
    <?php
    while (
    //$row = mysqli_fetch_row($jresult,MYSQL_ASSOC) ;

    $row = mysqli_fetch_assoc ($jresult)
    ){
    if ( 400 > $row['sessionid'] ){
    echo "quans".$row['sessionid'].",";
    } else {
    echo "quans".$row['sessionid'];
    }
    }

    )
    {

    //Getting Values
    <?php
    $connect = mysqli_connect("server", "dbusername", "dbpasswd","dbusername") or die ("Cannot connect");
    mysqli_select_db($connect,"dbusername") or die("Cannot select database");


    /////////////////////////Filtering Generes////////////////////////////////////////

    $jresult1 = mysqli_query ($connect,"SELECT sessions.sessionid FROM sessions WHERE sessions.sessionid >986 ORDER BY sessions.sessionid ") or die('cannot show tables');



    <?php
    while($row = mysqli_fetch_assoc($jresult1)){
    echo "var quan".$row['sessionid']." = parseInt(document.getElementById('quans".$row['sessionid']. "').value);\n";
    }




    //Stored Values

    <?php
    $connect = mysqli_connect("server", "dbusername", "dbpasswd","dbusername") or die ("Cannot connect");
    mysqli_select_db($connect,"dbusername") or die("Cannot select database");


    /////////////////////////Filtering Generes////////////////////////////////////////

    $jresult = mysqli_query ($connect,"SELECT sessions.sessionid FROM sessions WHERE sessions.sessionid > 986 ORDER BY sessions.sessionid ") or die('cannot show tables');



    if
    ( 0
    <?php
    while($row = mysqli_fetch_assoc($jresult)){
    echo "|| (quan".$row['sessionid']." > 0 ) \n";
    }

    )

    {

    <?php
    $connect = mysqli_connect("server", "dbusername", "dbpasswd","dbusername") or die ("Cannot connect");
    mysqli_select_db($connect,"dbusername") or die("Cannot select database");


    /////////////////////////Filtering Generes////////////////////////////////////////

    $jresult = mysqli_query ($connect,"SELECT sessions.sessionid FROM sessions WHERE sessions.sessionid > 986 ORDER BY sessions.sessionid ") or die('cannot show tables');



    <?php
    while($row = mysqli_fetch_assoc($jresult)){
    echo "var price".$row['sessionid']." = 63.00 * quan".$row['sessionid'].";\n";
    }


    }
    else
    {

    <?php
    $connect = mysqli_connect("server", "dbusername", "dbpasswd","dbusername") or die ("Cannot connect");
    mysqli_select_db($connect,"dbusername") or die("Cannot select database");


    /////////////////////////Filtering Generes////////////////////////////////////////

    $jresult = mysqli_query ($connect,"SELECT sessions.sessionid FROM sessions WHERE sessions.sessionid > 986 ORDER BY sessions.sessionid ") or die('cannot show tables');



    <?php
    while($row = mysqli_fetch_assoc($jresult)){
    echo "var price".$row['sessionid']." = 0;\n";
    }


    }




    // kortti

    <?php
    $connect = mysqli_connect("server", "dbusername", "dbpasswd","dbusername") or die ("Cannot connect");
    mysqli_select_db($connect,"dbusername") or die("Cannot select database");


    /////////////////////////Filtering Generes////////////////////////////////////////

    $jresult = mysqli_query ($connect,"SELECT sessions.sessionid FROM sessions WHERE sessions.sessionid > 986 ORDER BY sessions.sessionid ") or die('cannot show tables');



    <?php
    while($row = mysqli_fetch_assoc($jresult)){
    echo "if (calc.price".$row['sessionid'].".checked){\n
    var wprice".$row['sessionid']." = document.calc.price".$row['sessionid'].".value = price".$row['sessionid'].";\n
    } else { \n
    var wprice".$row['sessionid']." = document.calc.price".$row['sessionid'].".value = 0;\n}\n
    ";
    }





    //document.getElementById("total").innerHTML = (wprice315 + wprice316 ) + ".00";

    document.calc.charge_total.value = ( 0

    <?php
    $connect = mysqli_connect("server", "dbusername", "dbpasswd","dbusername") or die ("Cannot connect");
    mysqli_select_db($connect,"dbusername") or die("Cannot select database");


    /////////////////////////Filtering Generes////////////////////////////////////////

    $jresult = mysqli_query ($connect,"SELECT sessions.sessionid FROM sessions WHERE sessions.sessionid > 986 ORDER BY sessions.sessionid ") or die('cannot show tables');



    <?php
    while($row = mysqli_fetch_assoc($jresult)){
    echo " + wprice".$row['sessionid']." ";
    }


    ) + ".00";

    return charge_total;

    }
    </script>
    <!-- valid -->
    <!-- LOAD THE NECESSARY JQUERY LIBRARY-->
    <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
    <script src="js/jquery-latest.js"></script>
    <script src="js/jquery.validate.js"></script>
    <!-- USE THE READY FUNCTION -->
    <script>
    $(document).ready(function(){
    $("#blogm").validate({


    rules:{
    bill_first_name:{
    required:true,


    },
    bill_last_name:{
    required:true,


    },

    bill_address_one:{
    required:false,


    },

    bill_company_name:{
    required:false,


    },

    bill_city:{
    required:false,


    },

    bill_state_or_province:{
    required:false,


    },

    bill_country:{
    required:false,


    },

    bill_postal_code:{
    required:false,


    },

    bill_phone:{
    required:true,


    },


    email:{
    required:true,


    },

    CaptchaInput:{
    required:true,


    },


    note:{
    required:false,


    }




    },//////rules ends///////



    messages:{
    bill_first_name:{
    required: "*",

    },
    bill_last_name:{
    required: "*",


    },
    bill_address_one:{
    required: "*",


    },
    bill_company_name:{
    required: "*",


    },

    bill_city:{
    required: "*",


    },

    bill_state_or_province:{
    required: "*",


    },

    bill_country:{
    required: "*",


    },

    bill_postal_code:{
    required: "*",


    },

    bill_phone:{
    required: "*",


    },


    email:{
    required: "*",


    },

    CaptchaInput:{
    required:true,


    },


    note:{
    required: "*",


    }
    /*message:{
    required: "*",

    }*/



    }//////message ends///////



    });



    });
    </script>


    <script src="js/jquery.uniform.js"></script>
    <script>
    $(function(){
    $("input, textarea, select, button, radio").uniform();
    $(":file").uniform({fileBtnText: 'Phil is Cool;'});
    });
    </script>
    <link rel="stylesheet" href="css/uniform.default.css" type="text/css" media="screen">
    <link rel="stylesheet" href="css/uniform.agent.css" type="text/css" media="screen">
    <meta name="viewport" content="width=device-width, initial-scale=1">

    </head>

    <body>

    <!--wrapper begins-->
    <div id="wrapper">

    <!--header begins-->

    <?php

    include("includes/header.php");



    <!--header ends-->



    <!--nav begins-->
    <div id="nav">

    <!--holder begins-->
    <div id="holder"><ul>
    <li><a href="https://www.dbusername.ca">Home</a></li>
    <li><a href="https://www.dbusername.ca/courses.php#nav2" >Courses</a></li>
    <li><a href="" >Archive</a></li>
    <li><a href="https://admin.acrobat.com/common/help/en/support/meeting_test.htm" >Connection</a></li>
    <li><a href="" >Biographies</a></li>
    <li><a href="https://www.dbusername.ca/contactus.php" >Contact Us</a></li>
    <li><a href="https://www.dbusername.ca/form.php#content" >Register</a></li>
    </ul>
    </div><!--holder ends-->

    </div><!--nav ends-->


    <!--mainbanner begins-->
    <div id="mainbanner">



    <!--banner begins-->
    <div id="banner">
    <h2 class="order">
    OnLine Order Form
    </h2>
    <p></p>

    <div id="canada">
    <img src="images/canada.png" alt="Canada" width="336" height="298" /></div>


    </div> <!--banner ends-->


    </div><!--mainbanner ends-->


    <!--content begins-->
    <div id="content">
    <div id="left">


    <?php
    $connect = mysqli_connect("server", "dbusername", "dbpasswd","dbusername") or die ("Cannot connect");
    mysqli_select_db($connect,"dbusername") or die("Cannot select database");


    /////////////////////////Filtering Generes////////////////////////////////////////

    $result = mysqli_query ($connect,"SELECT sessions.sessionid, courses.abbr, courses.seminar, sessions.date, sessions.time FROM sessions,courses WHERE sessions.courseid=courses.id AND sessions.sessionid > 986 ORDER BY sessions.sessionid ") or die('cannot show tables');



    <form action="https://www.nk.ca/dbusername/step2.php" id="blogm" method="post" name="calc" onSubmit="return ( checkform(this) && count());" onKeyUp="highlight(event)" onClick="highlight(event)">


    <h2 class="courses1">Orders</h2>
    <div class="divider3"></div>

    <li class="order0"><b>Online Orders</b> - Complete and submit this form</li> <li class="order0"><b>Phone Orders</b> - Call <b>1-877-977-6774</b></li>
    <li class="order0"><b>Fax Orders</b> - Print the Order Form and FAX to 1-780-351-2029<br></li>
    <li class="order0"><b>Mail Orders</b> - Print the Order Form and mail to: P D Solutions 15422-104A Street Grande Prairie, AB T8X 0L1</li>

    </ul>

    <h2 class="proceed">This page uses javascript. Please turn javascript on the browser. </h2>



    <h2 class="courses1">Note</h2>
    <div class="divider3"></div>

    <ol id="order">
    <li class="order">All prices in CANADIAN Funds.</li>
    <li class="order">Canadian Residents 5% GST applies and will be added to your order</li>
    <li class="order">At the moment, browsers like Chrome, Egde and similar browser are having an issue . Please use, Firefox, Waterfox, Safari, Opera or Seamonkey to register.</li>
    <li class="order">Each course cost $63.00 IF you are GST exempt<br /><a href="formnogst.php">Click
    here
    </a></li>



    <li class="order"></li>
    </ol><ul>
    <li class="order2"> -Select the course you wish to take </li>
    <li class="order2"> -place the number one (1) in the quantity box </li>
    <li class="order2">-then click the "Calculate" button at the bottom
    of the page to give you a total. </li>
    <li class="order2"> -if you have made an error click on the reset
    button at the bottom of the page</li>
    </ul>


    <h2 class="courses1">Courses</h2>
    <div class="divider3"></div>
    <table class="tablemain style3">

    <td class="td1"><span class="top">Course ID</span></td>
    <td class="td2"><span class="top">Select Course</span></td>
    <td class="td3"><span class="top">Description</span></td>
    <td class="td3"><span class="top">Select Quantity</span></td>
    <td class="td4"><span class="top">Course Date</span></td>
    </tr>

    <?php
    //session_start();
    //$_SESSION['sessiondata'] = $results;
    if(mysqli_num_rows($result)){
    $results = array();

    $i = 0;
    while($row = mysqli_fetch_assoc($result)){

    if(!empty($row)){

    $results[]= $row;
    }

    //echo "<pre>";print_r($row);

    $sessionid1=$row['sessionid'];
    $abbr1=$row['abbr'];
    $seminar1=$row['seminar'];
    $date1=$row['date'];
    $time1=$row['time'];


    <?php
    echo '<tr>';

    echo " <td class=\"style3 textcenter\" >
    <input name=\"id[]" . $row['sessionid'] . "\" id=\"id". $row['sessionid']. "\" value=\"" .$row['abbr']. "-" .$row['sessionid']. "\" size=\"10\"></td>
    <td class=\"textcenter\"><input name=\"price[]\" id=\"price". $row['sessionid']. "\" value=\"63.00\" size=\"7\" type=\"checkbox\" ></td>
    <td class=\"style3 textcenter\"><input class=\"style3\" name=\"description[]\" id=\"description". $row['sessionid']. "\" value=\"". $row['seminar']. "\" type=\"text\"></td>
    <td class=\"style3 textcenter\"><input class=\"style3\" name=\"quantity[]\" value=\"0\" size=\"4\" type=\"text\" id=\"quans". $row['sessionid']. "\"></td>
    <td class=\"textcenter\"><span class=\"style3\">". $row['date']. "&nbsp;". $row['time']. "</span> </td>";

    echo "</tr>";
    }








    $i++;
    }

    //echo "<pre>";
    //print_r($results);
    //echo "</pre>";


    $_SESSION['sessiondata'] = $results;

    //echo $i;
    //echo "". $results . "";
    ?>
    </table>



    <p class="please">Please
    note: Checkmark Select
    Course and also the Corresponding Select Quantity is entered as 1, or
    as many as required.




    <table class="list1">

    <td class="list1">
    <label class="calculate">Price</label></td><td>
    <input type="text" name="charge_total" id="box1"/>
    <!--<em>*</em>-->
    </td></tr>




    <td class="last1">
    <input onClick="count()" value="Calculate" id="submit1" type="button"> </td><td>
    <input value="Reset" id="reset1" type="reset">
    </td></tr></table>





    <h2>Student Personal Information</h2>
    <div class="divider4"></div>
    <ul class="list">

    <li class="list">
    <label>First Name:</label>
    <input type="text" name="bill_first_name" id="box" />
    <em>*(Required)</em>
    </li>


    <li class="list">
    <label>Last Name:</label>
    <input type="text" name="bill_last_name" id="box2" />
    <em>*(Required)</em>
    </li>


    <li class="list">
    <label>Address</label>
    <input type="text" name="bill_address_one" id="box3" />
    <!--<em>*</em>-->
    </li>


    <li class="list">
    <label>Company</label>
    <input type="text" name="bill_company_name" id="box4" />
    <!--<em>*</em>-->
    </li>

    <li class="list">
    <label>City</label>
    <input type="text" name="bill_city" id="box5" />
    <!--<em>*</em>-->
    </li>

    <li class="list">
    <label>Province:</label>
    <input type="text" name="bill_state_or_province" id="box6" />
    <!--<em>*</em>-->
    </li>

    <!--li class="list">
    <label>Country:</label>
    <input type="text" name="bill_country" id="box7" />
    <em>*</em>
    </li-->

    <li class="list">
    <label>Postal Code:</label>
    <input type="text" name="bill_postal_code" id="box8" />
    <!--<em>*</em>-->
    </li>

    <li class="list">
    <label>Phone:</label>
    <input type="text" name="bill_phone" id="box9" />
    <em>*(Required)</em>
    </li>

    <!--li class="list">
    <label>Fax:</label>
    <input type="text" name="bill_fax"id="box10" />
    <em>*</em>
    </li-->

    <li class="list">
    <label>Email:</label>
    <input type="text" name="email" id="box11" />
    <em>*(Required)</em>
    </li>

    <!--li class="list">
    <label>Date of Birth(MM/DD):</label>
    <input type="text" name="note" id="box12" maxlength="5" />
    <em>*</em>
    </li-->


    <li class="warning">**Please doublecheck your e-mail address as it is used to send you a receipt.**</li>


    </ul>





    <h2 class="proceed"> Proceed with your order</h2>



    <p class="check">Please check that all information has
    been included and is accurate. Select
    the 'Place Your Order' button. When you place your order you will receive a screen confirmation.
    Please fill in the credit card information and proceed with the transaction.


    <table class="last"><tr><td>

    <!-- START CAPTCHA -->

    <div class="capbox">

    <div id="CaptchaDiv"></div>

    <div class="capbox-inner">
    Type the above number:<br>

    <input type="hidden" id="txtCaptcha">
    <input type="text" name="CaptchaInput" id="CaptchaInput" size="15"><br>

    </div>
    </div>
    <br><br>
    <!-- END CAPTCHA -->

    <input type="submit" value="Place Your Order" name="submit" id="submit" >
    <input type="reset" value="Clear the Form" id="reset" />
    </td></tr></table>
    </form>


    </div><!--left ends-->

    <div id="right">

    <!--nav begins-->
    <div id="nav100">

    <!--holder begins-->
    <div id="holder100">
    <ul>
    <li><a href="http://www.dbusername.ca/index.php" >Home</a></li>
    <li><a href="http://www.dbusername.ca/courses.php#nav2">Courses</a></li>
    <li><a href="http://www.dbusername.ca/archive.php">Archive</a></li>

    <li><a href="https://admin.acrobat.com/common/help/en/support/meeting_test.htm">Connection</a></li>
    <li><a href="http://www.dbusername.ca/contactus.php">Contact Us</a></li>
    <li><a href="https://secure.nl2k.ab.ca/dbusername/">Register</a></li></ul>
    </div><!--holder ends-->


    </div><!--nav ends-->




    </div><!--right ends-->

    <div id="bottomcontent">
    </div><!--bottom content ends-->

    </div> <!--content ends-->





    <div class="clearfooter">
    </div>


    </div><!--wrapper ends-->

    <?php

    include("includes/footer.php");




    <script
    src="http://code.jquery.com/jquery-3.5.1.js"
    integrity="sha256-QWo7LDvxbWT2tbbQ97B53yJnYU3WhH/C8ycbRAkjPDc="
    crossorigin="anonymous"
    </script>
    <script>
    $( document ).ready(function() {
    var limit = 1;
    $('checkbox').on('change', function(evt) {
    if($(this).siblings(':checked').length >= limit) {
    this.checked = false;
    }
    });
    });
    </script>
    </body>
    </html>

    ---------------------------------- End page --------------------------

    All right, in Chrome, Edge and AVG Secure Browser this fails to work.

    In Firefox, Waterfox, SeaMonkey, Opera and other similar browsers

    if the nginx.conf lines I comment above are turned off, the page
    fails like it does in Chrome, but when I turn comment the
    mentioned configuration line, Firefox et al. work, and Mozilla observer
    is not happy.

    I need to get this solved like yesterday!

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
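Added example, not part of the thread: the commented-out Content-Security-Policy line from the post above, evaluated against the script loads of the posted page to list what a browser enforcing it would refuse. The matcher is a simplified model (no ports, paths, nonces or hashes), the function names are illustrative, and `PAGE_ORIGIN` is a placeholder because the thread does not give the page's origin.

```javascript
// Added example: simplified model of CSP script-src matching.
// Not modelled: ports, paths, nonces/hashes, 'strict-dynamic', inline event handlers.

// Policy text copied from the commented-out nginx add_header line in the post.
const NGINX_POLICY = [
  "default-src 'self'",
  "script-src 'self' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net",
  "img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com",
  "style-src 'self' https://fonts.googleapis.com https://assets.zendesk.com",
  "font-src 'self' https://themes.googleusercontent.com",
  "frame-src https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com",
  "object-src 'none'",
].join("; ");

// Script loads taken from the posted page; `inline: true` stands for its inline <script> blocks.
const PAGE_SCRIPTS = [
  { inline: true },
  { src: "https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" },
  { src: "js/jquery-latest.js" },
  { src: "js/jquery.validate.js" },
  { src: "js/jquery.uniform.js" },
  { src: "http://code.jquery.com/jquery-3.5.1.js" },
];

// Assumption: the page's real origin is not given in the thread; placeholder only.
const PAGE_ORIGIN = "https://www.example.test";

function parsePolicy(header) {
  const directives = new Map();
  for (const part of header.split(";")) {
    const [name, ...sources] = part.trim().split(/\s+/);
    // A repeated directive is ignored; the first occurrence wins.
    if (name && !directives.has(name.toLowerCase())) directives.set(name.toLowerCase(), sources);
  }
  return directives;
}

function sourceMatches(expr, url, pageOrigin) {
  if (expr === "'self'") return url.origin === pageOrigin;
  if (expr === "*") return url.protocol === "http:" || url.protocol === "https:";
  if (expr.startsWith("'")) return false; // 'none' and other keywords never match a URL
  const pageScheme = new URL(pageOrigin).protocol.slice(0, -1);
  const urlScheme = url.protocol.slice(0, -1);
  if (/^[a-z][a-z0-9+.-]*:$/i.test(expr)) return urlScheme === expr.slice(0, -1).toLowerCase();
  const m = /^(?:([a-z][a-z0-9+.-]*):\/\/)?([^/:]+)/i.exec(expr);
  if (!m) return false;
  const wantScheme = (m[1] || pageScheme).toLowerCase();
  // An http source also matches https; a schemeless source follows the page's scheme.
  if (urlScheme !== wantScheme && !(wantScheme === "http" && urlScheme === "https")) return false;
  const host = m[2].toLowerCase();
  if (host.startsWith("*.")) return url.hostname.endsWith(host.slice(1));
  return url.hostname === host;
}

// Returns the script loads a browser enforcing `header` would refuse.
function blockedScripts(header, pageOrigin, scripts) {
  const policy = parsePolicy(header);
  const sources = policy.get("script-src") ?? policy.get("default-src");
  if (sources === undefined) return []; // no applicable directive: nothing is restricted
  return scripts
    .filter((s) => s.inline
      ? !sources.includes("'unsafe-inline'")
      : !sources.some((e) => sourceMatches(e, new URL(s.src, pageOrigin + "/"), pageOrigin)))
    .map((s) => (s.inline ? "(inline script)" : s.src));
}

console.log(blockedScripts(NGINX_POLICY, PAGE_ORIGIN, PAGE_SCRIPTS));
```

With that header enabled, the inline blocks and both CDN-hosted jQuery loads are refused, because `script-src` lists neither `'unsafe-inline'` nor those hosts; the three scripts under `js/` pass via `'self'`.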
  • From J.O. Aho@21:1/5 to The Doctor on Sun Oct 18 16:14:02 2020
    XPost: comp.lang.javascript, comp.lang.php, comp.infosystems.www.authoring.misc

    On 18/10/2020 14.37, The Doctor wrote:

    In Firefox, Waterfox, SeaMonkey, Opera and other similar browsers

    if the nginx.conf lines I comment above are turned off, the page
    fails like it does in Chrome, but when I turn comment the
    mentioned configuration line, Firefox et al. work, and Mozilla observer
    is not happy.

    I need to get this solved like yesterday!

    This is unrelated to PHP, this is about crossdomain javascript.
    Nowadays you should tell which domains are ok to include 3rd party
    javascript, the more specific you can be the better.

    You should avoid including 3rd party scripts; have a local copy which
    you have verified with checksums that it's the correct script and serve
    it from your domain. Don't forget to keep it updated so you won't have a
    bad vulnerability that someone can take advantage of.

    --

    //Aho

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
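Added example, not part of the thread: one way to do the checksum verification suggested in the reply above, checking a downloaded file against a published `integrity` value (the format used in the `<script>` tags earlier in the thread) before serving it from your own domain. The function names are illustrative and the sample bytes are constructed.

```javascript
// Added example: verify a vendored script against an SRI integrity value (Node.js).
const { createHash, timingSafeEqual } = require("node:crypto");

// Relative strength used to pick which digests in the attribute count.
const STRENGTH = { sha256: 1, sha384: 2, sha512: 3 };

// Parse an integrity attribute into { alg, digest } entries, skipping unknown tokens.
function parseIntegrity(attr) {
  return attr.trim().split(/\s+/).flatMap((token) => {
    const m = /^(sha256|sha384|sha512)-([A-Za-z0-9+/]+={0,2})(?:\?.*)?$/.exec(token);
    return m ? [{ alg: m[1], digest: Buffer.from(m[2], "base64") }] : [];
  });
}

// True when `bytes` hashes to one of the strongest-algorithm digests in `attr`.
function verifyIntegrity(bytes, attr) {
  const entries = parseIntegrity(attr);
  // Nothing usable to verify against: refuse, since this is a pre-hosting check.
  if (entries.length === 0) return false;
  const best = Math.max(...entries.map((e) => STRENGTH[e.alg]));
  return entries
    .filter((e) => STRENGTH[e.alg] === best)
    .some((e) => {
      const actual = createHash(e.alg).update(bytes).digest();
      return actual.length === e.digest.length && timingSafeEqual(actual, e.digest);
    });
}

// Value to put in <script integrity="..."> for a file you host yourself.
function integrityFor(bytes, alg = "sha384") {
  return `${alg}-${createHash(alg).update(bytes).digest("base64")}`;
}

// Constructed stand-in for a downloaded library file.
const SAMPLE = Buffer.from("/* constructed stand-in for a vendored library */\n");
const PUBLISHED = integrityFor(SAMPLE, "sha256");

console.log(verifyIntegrity(SAMPLE, PUBLISHED)); // untouched copy
console.log(verifyIntegrity(Buffer.concat([SAMPLE, Buffer.from("x")]), PUBLISHED)); // altered copy
```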