The £99 still applies for now, we’re looking at ways to reduce this significantly
4 Likes
Can’t wait to see this thing, I’m hoping emails will go out today
3 Likes
Must be close, surely ?
Apparently they’re waiting for the direct debits to be shoved over to the new system, then it’ll be live for everyone, no ETA though
Access will be made available in the next 48 hours, all data has been moved, Direct debits are in place on the new portal, previous invoices etc have been moved. So we’re confident we can allow access 
9 Likes
Did it say what it was flagged for?
No,
Referrer policy: strict-origin-when-cross-origin
and script is trying to POST outside of yayzi.co.uk domain
but I’m no expert.
1 Like
I think the only option you have is to raise it with MalwareBytes, or whitelist the url within browser guard.
96 vendors are reporting there are no issues. False positive on Malwarebytes side unfortunately.
1 Like
Only thing i can think of is like trackers tbh
The referer policy needs changing.
It’s not being blocked because there is anything wrong with the referred site. This is just a security issue that can be coded around. Malwarebytes is right to block the call (in my opinion)
Where is the security issue?
strict-origin-when-cross-origin (default)
Send the origin, path, and query string when performing a same-origin request. For cross-origin requests send the origin (only) when the protocol security level stays same (HTTPS→HTTPS). Don’t send the Referer header to less secure destinations (HTTPS→HTTP).
Looks totally fine to me. The post request is likely sending event data to LaunchDarkly’s diagnostics endpoint.
Just wondering if these headers are required to make the CORS work according to standards?
For instance, Malwarebytes has no problems giving access to clientstream.launchdarkly.com but that request has the cors headers included above,
Whereas I get net::ERR_BLOCKED_BY_CLIENT when it doesn’t have those headers (because Malwarebytes appears unhappy)
Possibly coincidence, but it’s just my observation.
I’ll leave it to Yayzi and see if they want to take it up with Gaiia. But just a google of “Malwarebytes browser Guard false positives” is enough for me to not worry about it.
1 Like
would be nice if yayzi could add parental controls to the portal that would be a nice touch
As in one that controls the content people see on the WiFi?
Pretty sure the routers support it but currently I don’t think the routers are connected to the portal. This is something Yayzi have in the pipeline
This would very likely only work with their router as they can remotely control it via a protocol that I can’t remember the name of
