Jump to content

Facebook connection now means I cannot use cache pages in teaching my classes...


Mukmuk the Marmot

Recommended Posts

I teach grade 6, and every year I do a GPS/Geocaching unit. It's a great end of year activity, the kids enjoy it, and a few each year persuade their parents to let them buy a GPS and take up the hobby. All good!

 

However, today I was teaching my lesson, and showing how I go onto a cache page, and look at info on the cache. When I tried to load the page, because our school blocks facebook, the entire page vanishes and an ACCESS DENIED message appears. I cannot view a single cache page.

 

I'd really like to be able show my class what a cache entry looks like, but can't. I was frustrated, my 12 year olds were frustrated.

 

Any options or workarounds?

Link to comment

I teach grade 6, and every year I do a GPS/Geocaching unit. It's a great end of year activity, the kids enjoy it, and a few each year persuade their parents to let them buy a GPS and take up the hobby. All good!

 

However, today I was teaching my lesson, and showing how I go onto a cache page, and look at info on the cache. When I tried to load the page, because our school blocks facebook, the entire page vanishes and an ACCESS DENIED message appears. I cannot view a single cache page.

 

I'd really like to be able show my class what a cache entry looks like, but can't. I was frustrated, my 12 year olds were frustrated.

 

Any options or workarounds?

 

Are you saying that blocking access to facebook also blocks access to geocaching.com?

Link to comment

I wonder if there is a chance that your employer wants to restrict access to geocaching.com?

 

Nope, every geocaching page without a facebook connection is fine. I'm a teacher, the person in charge of blocking sites actually has encouraged us to use GPS and the site.

 

I'd also had this problem with the Vancouver Olympics page, but if I managed to hit stop quickly enough, could still use it. Try as I might today, that didn't work. When there's content on a page that gets blocked, the entire page gets taken over with the blocked message. It's fairly standard in schools.

 

Unfortunately, I can't do anything about it. I can't tell the district who to hire, and he's my friend's ex, so I don't think he'll listen to me. :)

 

Has anyone come up with workaround solutions so that I can still view cache pages? Any Firefox add-ons that allow me to block specific sites when I want to (I'd like to use facebook on my netbook at home!)?

 

Thanks for any help...

Link to comment

LilDevil: "Tell your administrators to hire competent IT personnel. There is no reason to block an entire page just because a child iframe tries to load facebook."

 

Please most schools can't afford to keep good teachers, much less good tech staff.

 

I would first let them know your issue and ask if there is anything they can do. A former school I worked for had a login pop up for any sites that were on the 'banned' list, which was nice.

 

I've had to find workarounds for this many times. Do a search for free proxies. They will work their way around the system. Schools may block some proxies, but not all. If you cannot find one that works within 5 minutes ask your students. Students are the first to learn how to work around the system.

Link to comment

Technically, what's probably happening is the facebook iframe is being directed to the school's custom access denied page, which also includes code to then reload the TOP (parent) frame with the access denied page - this is an extreme implementation, but it may very well be policy that any page or website trying to access a denied website should also be denied.

 

Again, it's a fault with the way facebook is trying to implement the "Like" button, but at the same time, it's an issue that is easily resolved in a way that resolves most if not all the controversy about GC's inclusion of this feature -

 

Make it an optional, standard "Share on Facebook" image button hosted on GC.com, linking to the share URL that accomplishes just what "Like" does on Facebook, but without the privacy controversy or problems with iframe elements in general.

Link to comment

add : 127.0.0.1 www.facebook.com to your hosts file.

 

To further clarify this (for windows computers):

 

You can find the file hosts under C:\Windows\System32\drivers\etc

Double click it and Open it with Notepad

 

Just put it on the last line.

 

This will make you PC redirect www.facebook.com to itself, causing facebook not to load without triggering the school's firewall.

 

If you're on Linux, Mac it's a bit different and it's probably best to google it ;-)

Link to comment

add : 127.0.0.1 www.facebook.com to your hosts file.

 

To further clarify this (for windows computers):

 

You can find the file hosts under C:\Windows\System32\drivers\etc

Double click it and Open it with Notepad

 

Just put it on the last line.

 

This will make you PC redirect www.facebook.com to itself, causing facebook not to load without triggering the school's firewall.

 

If you're on Linux, Mac it's a bit different and it's probably best to google it ;-)

Hi potential to be wrong.

 

Most likely the school is using proxy servers, if they are, then this won't work. Any time you are using proxy servers, the proxy server does the nslookup.

 

On top of that, regardless of who does the nslookup, once the schools filters see the facebook.com in the pages html that comes from gc, thats it anyway, so it may not even take a call to facebook, just the fact its there is more likely whats tripping it.

Link to comment

Most likely the school is using proxy servers, if they are, then this won't work. Any time you are using proxy servers, the proxy server does the nslookup.

The local system always checks the hosts file before going to DNS.

 

On top of that, regardless of who does the nslookup, once the schools filters see the facebook.com in the pages html that comes from gc, thats it anyway, so it may not even take a call to facebook, just the fact its there is more likely whats tripping it.

Proxies that do full content inspection instead of matching hostnames & URLs are much slower, more expensive & require far more horsepower. Almost no one, especially networks on a tight budget like in a school, do this.

 

Blackholing the domain via HOSTS should work in over 95% of cases.

Link to comment

Most likely the school is using proxy servers, if they are, then this won't work. Any time you are using proxy servers, the proxy server does the nslookup.

The local system always checks the hosts file before going to DNS.

 

On top of that, regardless of who does the nslookup, once the schools filters see the facebook.com in the pages html that comes from gc, thats it anyway, so it may not even take a call to facebook, just the fact its there is more likely whats tripping it.

Proxies that do full content inspection instead of matching hostnames & URLs are much slower, more expensive & require far more horsepower. Almost no one, especially networks on a tight budget like in a school, do this.

 

Blackholing the domain via HOSTS should work in over 95% of cases.

Wrong on both accounts.

 

I won't argue that content checking costs more resources, but almost all modern proxy servers do this. To not do so is irresponsible if you are looking for any type of security (ie scanning for viruses and other bad stuff, people trying to work around onsite security, etc), also, the pure definition of a proxy server indicates that it does cache material, thus having a copy of the material anyway, so the resources aren't that much more demanding.

 

Also, proxy servers (except for some real specialized setups) work by the client passing the URL (not the ip) of the resource they are looking for, and it becomes the proxy servers job to obtain that resource. At no point does the client need to know how to access that resource, the client will even work perfectly happy without access to a dns server, as its never touched.

Link to comment
The local system always checks the hosts file before going to DNS.

this is true for SOCKS proxies (at least the most common versions of them out there), but not for HTTP proxies, and this is what it is most likely. with HTTP proxies, the client doesn't need to do any DNS lookup at all, but rather sends the full URL it wants to load to the proxy and the proxy does the rest.

 

however, if the user has any control over the proxy configuration on their system, they can add facebook.com as an exception to the proxy usage, which means the browser will try to load the URLs directly, circumventing the proxy and thus running into the 127.0.0.1 trap.

Link to comment

Tell your administrators to hire competent IT personnel. There is no reason to block an entire page just because a child iframe tries to load facebook.

 

In my experience school district IT people are often limited by rules and procedures set up by administrators, boards, or committees that really have limited knowledge of the subject. It would be more productive to force the administrators to let the IT people do their job.

Link to comment

I wonder if there is a chance that your employer wants to restrict access to geocaching.com?

 

Nope, every geocaching page without a facebook connection is fine. I'm a teacher, the person in charge of blocking sites actually has encouraged us to use GPS and the site.

 

I'd also had this problem with the Vancouver Olympics page, but if I managed to hit stop quickly enough, could still use it. Try as I might today, that didn't work. When there's content on a page that gets blocked, the entire page gets taken over with the blocked message. It's fairly standard in schools.

 

Unfortunately, I can't do anything about it. I can't tell the district who to hire, and he's my friend's ex, so I don't think he'll listen to me. :angry:

 

Has anyone come up with workaround solutions so that I can still view cache pages? Any Firefox add-ons that allow me to block specific sites when I want to (I'd like to use facebook on my netbook at home!)?

 

Thanks for any help...

 

Kinda difficult to understand how this person's supervisor would be unconcerned with restrictions that some staff member has placed on your ability to conduct classroom instruction. How would that work?

 

Or for that matter, your own supervisor.

Edited by Team Cotati
Link to comment

See my note above. In the district where I taught the line of reasoning would have gone like this. Facebook = bad. Anything connected with Facebook, connected to Facebook or even containing the word Facebook is forbidden. They would even have blocked incoming personal email that contained the word Facebook.

Edited by edscott
Link to comment

See my note above. In the district where I taught the line of reasoning would have gone like this. Facebook = bad. Anything connected with Facebook, connected to Facebook or even containing the word Facebook is forbidden. They would even have blocked incoming personal email that contained the word Facebook.

Thats the way it works at my wife's school.

 

They block any page that has any links to facebook. It tends to cream an awful lot of internet pages.

Link to comment

Today is June 9th.

 

When is the last day of this school year at your location?

 

June 30th. I usually do the second to last week of regular classes as my GPS week, as the kids are too wound up to do real work, and then the last week is for exam study.

 

The person in charge of the restrictions has no boss or supervisor, unless it was the school board. So realistically, no. We have a head of technology, who really doesn't answer to other people. We faced cuts this year, and many of us were hoping the position would go, and leave the techs. At this point, the next time I see a tech I'll ask him for help, as he's more likely to find me a solution... if it's within his power.

 

The google translator is working as a rough work around, thank you to the poster who suggested it. Until I can persuade the tech into another option, as least it's something.

Link to comment

The person in charge of the restrictions has no boss or supervisor, unless it was the school board. So realistically, no. We have a head of technology, who really doesn't answer to other people.

Ultimately, everyone employed by the school district answers to the board, don't they?

 

Getting the board to care enough to take action is an exercise left to the reader - if you can make the case that 1) the activity is sanctioned by the people in your chain of command and 2) there's educational value, you might have a chance. But probably not this late in the school year. It sounds like your "head of technology" likes the little empire he's built for himself - schools can be breeding grounds for people with personalities like that. And budgeting to get it done totally right (separate networks for students vs. faculty/staff) is prohibitive in most school districts right now.

 

What Groundspeak really ought to do (and it's been brought up in another thread) is give people the option to turn it off. Call it "Enable integration with other websites" instead of just Facebook, so that when they add hooks to LinkedIn, Twitter & other stuff you can shut it all off in one go.

 

In the meantime...there are other geocache listing sites beyond geocaching.com if you can't block it via your own filtering. GC.com is the most active & polished, but the others may have enough for you to work with.

Edited by dakboy
Link to comment

Today is June 9th.

 

When is the last day of this school year at your location?

 

June 30th. I usually do the second to last week of regular classes as my GPS week, as the kids are too wound up to do real work, and then the last week is for exam study.

 

The person in charge of the restrictions has no boss or supervisor, unless it was the school board. So realistically, no. We have a head of technology, who really doesn't answer to other people. We faced cuts this year, and many of us were hoping the position would go, and leave the techs. At this point, the next time I see a tech I'll ask him for help, as he's more likely to find me a solution... if it's within his power.

 

The google translator is working as a rough work around, thank you to the poster who suggested it. Until I can persuade the tech into another option, as least it's something.

 

I suppose that in a way you are lucky to work in a place where their technology support is so inadequate and out of control.

 

I can tell you that in lots of places, knowingly circumventing Internet access controls, could get you in deep deep yogurt. That of course assumes that any of the suggestions thus far actually worked.

 

June 30th.? Yikes, no wonder the kids are so antsy.

Link to comment

Would Chrysalides "Nix white space" grease monkey script do the trick here? http://userscripts.org/scripts/show/66749

Unlikely as the local computer is running the greasemonkey script and by then the whole page needs to have been delivered through the schools security setup to that local PC. The error will have been triggered.

Agree, that is not likely to work.

 

If setting facebook.com to localhost doesn't work, someone has suggested a way of blocking it using AdBlock Plus (I don't have the details though).

 

If the firewall or proxy is scanning the page contents, the only way around it is to have your browser load through another proxy (outside the firewall) that will remove the offending iframe. Unfortunately this is neither easy nor efficient.

 

If all else fails, just print out the page and show the dead tree version of the cache page.

Link to comment
If setting facebook.com to localhost doesn't work, someone has suggested a way of blocking it using AdBlock Plus (I don't have the details though).

just make a new rule:

 

http://www.facebook.com/plugins/like.php?href=http://www.geocaching.com/seek/cache_details*

 

works like a charm.

Edited by dfx
Link to comment

That most likely wouldn't work, since AdBlock Plus removes the ads after the page has loaded. The modifying the hosts file idea seems like an effective one, has the OP tried that yet?

 

So far the suggestions made in this forum appear not to work. Except I didn't see anyone say that thebruce0's solution wouldn't work:

 

... it's an issue that is easily resolved in a way that resolves most if not all the controversy about GC's inclusion of this feature -

 

Make it an optional, standard "Share on Facebook" image button hosted on GC.com, linking to the share URL that accomplishes just what "Like" does on Facebook, but without the privacy controversy or problems with iframe elements in general.

Link to comment

That most likely wouldn't work, since AdBlock Plus removes the ads after the page has loaded. The modifying the hosts file idea seems like an effective one, has the OP tried that yet?

 

So far the suggestions made in this forum appear not to work. Except I didn't see anyone say that thebruce0's solution wouldn't work:

 

... it's an issue that is easily resolved in a way that resolves most if not all the controversy about GC's inclusion of this feature -

 

Make it an optional, standard "Share on Facebook" image button hosted on GC.com, linking to the share URL that accomplishes just what "Like" does on Facebook, but without the privacy controversy or problems with iframe elements in general.

 

That somebody would have to have the term Lackey in their title.

Link to comment

Assuming nothing so far works to get around the firewall, and asking the school to relax that is not an option, I see two choices:

 

1. Show a cached / offline page

2. Get a wireless card that connects to a cellular network - this might include using your own notebook. Assuming bringing in your own computer is not against school policy.

 

None ideal.

Link to comment

That most likely wouldn't work, since AdBlock Plus removes the ads after the page has loaded.

that is not correct. adblock plus stops the ads from loading, period. in this case, no requeset is made to the FB server with ABP enabled, at all. so this will work.

Link to comment

That most likely wouldn't work, since AdBlock Plus removes the ads after the page has loaded.

that is not correct. adblock plus stops the ads from loading, period. in this case, no requeset is made to the FB server with ABP enabled, at all. so this will work.

No, not necessarily.

 

The proxy server will see the html (and thus the facebook iframe) before it even gets to the client desktop for adblock to see. The decision to block it is made before the client, and adblock, has a chance to see the html from gc.

Link to comment
The proxy server will see the html (and thus the facebook iframe) before it even gets to the client desktop for adblock to see. The decision to block it is made before the client, and adblock, has a chance to see the html from gc.

that's assuming the proxy does content inspection, which it probably doesn't. more likely is that when it sees a request for something.facebook.com, it doesn't proxy that request but instead hands out a different HTML page (containing javascript code to screw the whole document over).

Edited by dfx
Link to comment
The proxy server will see the html (and thus the facebook iframe) before it even gets to the client desktop for adblock to see. The decision to block it is made before the client, and adblock, has a chance to see the html from gc.

that's assuming the proxy does content inspection, which it probably doesn't. more likely is that when it sees a request for something.facebook.com, it doesn't proxy that request but instead hands out a different HTML page (containing javascript code to screw the whole document over).

 

in any case, my statement is still correct. with ABP, no request is made to the FB server, ever.

Since the OP hasn't chimed in with their specific setup, I'll speak from my consulting experience. My experience is that most schools are more concerned with content than specific domains, although someone at the top gets freaked out and individual domains do end up getting blocked (as seems to be the case here). But, it still starts at content filtering. This isn't an employer that runs a proxy in hopes to cache a few pages and speed up their internet to save money, this is an organization that has a responsibility to protect kids from certain content, and that can not be done by blocking a few sites. Content filtering is always way more effective than domain blocking.

 

I would be very shocked if this school district isn't doing content inspection/filtering, especially since its vaguely required by the department of education.

Link to comment
I would be very shocked if this school district isn't doing content inspection/filtering, especially since its vaguely required by the department of education.

i guess only the OP will be able to answer this. however, the OP talks about the page "vanishing", which to me sounds very much like a piece of javascript kicking in that wipes the whole page after it has loaded.

Link to comment

Again, the simplest possible way this is happening, in my opinion, is a little bit of a javascript code in the Access Denied page that checks if the body belongs to a parent window, and if so, loads the Access Denied page on the top level browser frame. No need for proxies, no need for tricky domain routing or anything like that. A simple javascript code will do the deed.

Of course, we have no idea what the page actually does, so... *shrug*

 

Whatever it is, GC can adjust the facebook integration to avoid the problem and still provide all the functionality people (who use Facebook) would love. A share button, linked to the FB linkshare URL.

Link to comment

Member for one month.

 

Logged two caches.

 

Years of experience teaching geocaching/GPS topics to sixth graders.

 

Got it.

 

Hey he is introducing Geocaching to 30+ families a year. That's a plus if it is the only day he spends on the topic in a year. I started Orienteering because of a program given by another parent in my kid's kindergarden class. Since then I've been contributor to the sport at the local and national level. By coincidence that same person introduced me to Geocaching.

Link to comment

add : 127.0.0.1 www.facebook.com to your hosts file.

 

To further clarify this (for windows computers):

 

You can find the file hosts under C:\Windows\System32\drivers\etc

Double click it and Open it with Notepad

 

Just put it on the last line.

 

This will make you PC redirect www.facebook.com to itself, causing facebook not to load without triggering the school's firewall.

 

If you're on Linux, Mac it's a bit different and it's probably best to google it ;-)

 

Yes, this is correct, I'll add a little bit for Vista. In Vista you need to run Notepad as Administrator to be able to do the hostfile 'hack.'

Link to comment

Member for one month.

 

Logged two caches.

 

Years of experience teaching geocaching/GPS topics to sixth graders.

 

Got it.

 

You're special. Seriously dude, go away - let's keep the forums happy! :blink:

Every once in a while, someone quotes a certain someone's postings, and reminds me why I'm glad I put that certain someone on my ivery, very short gnore list.
Link to comment

Member for one month.

 

Logged two caches.

 

Years of experience teaching geocaching/GPS topics to sixth graders.

 

Got it.

 

The person could have had another account in the past. We're supposed to be nice in the Getting Started Section...

 

But then again we are not in the Getting Started Section.

Link to comment

All this talk about a work around for something that Groundspeak implemented. What's wild is it appears the attitude here is, "Well, Groundspeak put it there and if we don't want it then we have to find out a way to remove it on our own." Which, really sums it up, anyway.

 

How about if Groundspeak adds a little tick to the user file that gives the option of "Include FaceBook 'like' button." Let the user decide and move on. Why does Groundspeak think the proper way to approach anything is force something on someone regardless of whether they want it or will ever use it?

Link to comment
Guest
This topic is now closed to further replies.
×
×
  • Create New...