It currently is Three
The ÂŁ99 still applies for now, weâre looking at ways to reduce this significantly
Canât wait to see this thing, Iâm hoping emails will go out today
Must be close, surely ?
Apparently theyâre waiting for the direct debits to be shoved over to the new system, then itâll be live for everyone, no ETA though
Access will be made available in the next 48 hours, all data has been moved, Direct debits are in place on the new portal, previous invoices etc have been moved. So weâre confident we can allow access
Did it say what it was flagged for?
No,
Referrer policy: strict-origin-when-cross-origin
and script is trying to POST outside of yayzi.co.uk domain
but Iâm no expert.
I think the only option you have is to raise it with MalwareBytes, or whitelist the url within browser guard.
96 vendors are reporting there are no issues. False positive on Malwarebytes side unfortunately.
Only thing i can think of is like trackers tbh
The referer policy needs changing.
Itâs not being blocked because there is anything wrong with the referred site. This is just a security issue that can be coded around. Malwarebytes is right to block the call (in my opinion)
Where is the security issue?
strict-origin-when-cross-origin
(default)
Send the origin, path, and query string when performing a same-origin request. For cross-origin requests send the origin (only) when the protocol security level stays same (HTTPSâHTTPS). Donât send the Referer
header to less secure destinations (HTTPSâHTTP).
Looks totally fine to me. The post request is likely sending event data to LaunchDarklyâs diagnostics endpoint.
Just wondering if these headers are required to make the CORS work according to standards?
For instance, Malwarebytes has no problems giving access to clientstream.launchdarkly.com but that request has the cors headers included above,
Whereas I get net::ERR_BLOCKED_BY_CLIENT when it doesnât have those headers (because Malwarebytes appears unhappy)
Possibly coincidence, but itâs just my observation.
Iâll leave it to Yayzi and see if they want to take it up with Gaiia. But just a google of âMalwarebytes browser Guard false positivesâ is enough for me to not worry about it.
would be nice if yayzi could add parental controls to the portal that would be a nice touch
As in one that controls the content people see on the WiFi?
Pretty sure the routers support it but currently I donât think the routers are connected to the portal. This is something Yayzi have in the pipeline
This would very likely only work with their router as they can remotely control it via a protocol that I canât remember the name of