Jump to content
Sign in to follow this  
Followers 15
Geocaching HQ

Release Notes (Website: User profiles) - November 8, 2018

Recommended Posts

6 hours ago, Gill & Tony said:

Can anyone explain to me why European law applies in the US or any other non-European country?  I mean, if an EU citizen chooses to visit the US physically, they are subject to US law.  Why is it different if they choose to visit virtually?

 

(re)read the GDPR thread for that.

In short, if a US company chooses to be active in the EU they have to abide by EU law.

 

Share this post


Link to post
21 hours ago, Gill & Tony said:

I'm not going to reply now, because if I say what I  think, it will lead to a ban.

Not happy.

19 hours ago, HHL said:

An extra fat +1

 

Well, yes. 

  1. First we were promised that what worked on the staging site (which was abysmally slow for some reason) would work on the live site. It worked on the staging site, then it didn't work on the live site, and now you're confirming that it won't work again, either. I work in IT. If one of my teams had rolled out a major change like that, I would have summarily fired the entire team. That roll-out was amateurish, and its communication is unprofessional.
  2. Many people, myself included, have spent countless hours tweaking their profile pages. You just flushed that work down the proverbial drain. What can we expect in return? Two years of free membership? 
  3. 2019 is coming, fast. And we still do not have a website that works properly on mobile devices. Where did  all the money go which we paid over the last (in my case, nine) years? Was that all spent on amateur bloggers churning out meaningless, ugly souvenirs that are, by now, the only part of our profile over which we have some control? 
  4. Most GDPR related issues were issues under US law for years. Have you been breaking US law for years? If not, which GDPR related issues exactly were you trying to address? 

In a nutshell, no. No, Groupspeak, this is not how you roll out a major change to a website with high membership fees. This is not how you treat long-term users and their interests. And no, this is not what I intend to pay for any more. I have three memberships (one with 18186 favourite points), and unless I get something meaningful in return, I do not intend to renew them. 

 

Shame on you for this Charlie Foxtrott, Groundspeak.

Robin

Edited by RNKBerlin
Words.
  • Upvote 1

Share this post


Link to post
7 hours ago, Gill & Tony said:

Can anyone explain to me why European law applies in the US or any other non-European country?  I mean, if an EU citizen chooses to visit the US physically, they are subject to US law.  Why is it different if they choose to visit virtually?

Because Groundspeak is doing business in Europe, selling products to European customers. It's the exact same when companies do it the other way, provide services from Europe to American users.

Share this post


Link to post
17 minutes ago, thomfre said:

Because Groundspeak is doing business in Europe, selling products to European customers. It's the exact same when companies do it the other way, provide services from Europe to American users.

 

The EU-GDPR was implemented on 25 May 2018. Has Groundspeak been breaking EU law for months? If not, which EU-GDPR related issues exactly were addressed by this change to the profile pages? 

Share this post


Link to post
1 hour ago, RNKBerlin said:

 

The EU-GDPR was implemented on 25 May 2018. Has Groundspeak been breaking EU law for months? If not, which EU-GDPR related issues exactly were addressed by this change to the profile pages? 

Most companies have been breaking the law for months, yes. Including the big ones, like Facebook. But in this case, it's just bad wording from Groundspeak. This change has nothing to do with GDPR. This has to do with security, so it is probably more related to PCI.

Share this post


Link to post

I'm very unhappy with this change, and the way it is communicated :(:(

The profile pages are a part of the geocaching experience, where geocachers express and show what they achieved and experienced with geocaching.

Some people spent a lot of time setting up a structured profile page, and/or developing tools for others to do so.

And this change just breaks that, without proper communication to the geocachers, your customers!

You sent out regular newsletters about e.g. Souvenir challenges and memorable caches.

But when you plan to break the profile page functionality, you don't feel it is necessary to communicate it to the users.

It feels like you either intentionally try to break the profile page functionality, or that you just don't care about the impact on your customers.

Not happy :mad:

 

 

 

  • Upvote 4

Share this post


Link to post
51 minutes ago, thomfre said:

 But in this case, it's just bad wording from Groundspeak. This change has nothing to do with GDPR. This has to do with security, so it is probably more related to PCI.

 

Do you work for Groundspeak? If not, would someone from Groupspeak care to provide an official response? Including which problem(s) exactly Groundspeak was trying to solve?

Share this post


Link to post
1 hour ago, The CEO said:

I'm very unhappy with this change, and the way it is communicated

 

Would it be better communicated if I tell you that letting users to enter javasript on their profile page allows stealing other user's personal data from that website and that is agains the GDPR.

Share this post


Link to post
5 minutes ago, arisoft said:

 

Would it be better communicated if I tell you that letting users to enter javasript on their profile page allows stealing other user's personal data from that website and that is agains the GDPR.

 

Actually, no. It would, however, make me fundamentally question your level of exertise regarding the prevention of Cross-Site Scripting in ASP.NET. 

Share this post


Link to post
29 minutes ago, RNKBerlin said:

 

Do you work for Groundspeak? If not, would someone from Groupspeak care to provide an official response? Including which problem(s) exactly Groundspeak was trying to solve?

Wow, no need to be so unfriendly. I do not work for Groundspeak. But I work a lot with GDPR.

But this response is from a lackey:
 

On 11/9/2018 at 1:28 AM, bootron said:

 

We have been making various changes to the website and mobile app in order to support GDPR issues and also PCI Compliance and general security concerns. This particular change is more about the latter two than it is about GDPR.

 

bootron


Thank you for patching security holes before you tell people how to abuse them, Groundspeak. This is the way you should do it.

  • Upvote 2

Share this post


Link to post
8 minutes ago, arisoft said:

 

Would it be better communicated if I tell you that letting users to enter javasript on their profile page allows stealing other user's personal data from that website and that is agains the GDPR.

I don't think you are understanding the concern correctly. Some of the posts above were made by individuals that have put countless hours of their own time into giving functionality to caching that the website will never be able to provide, they have also been debugging the new API for GS free of charge. It's been know for quite a while that CSS and javascript were going away and GS told these developers they would have time to modify and test their developments on the staging servers before this change was made, then pulled the rug out from underneath them. 

  • Upvote 3

Share this post


Link to post
14 minutes ago, arisoft said:

 

Would it be better communicated if I tell you that letting users to enter javasript on their profile page allows stealing other user's personal data from that website and that is agains the GDPR.

 

I can understand and accept that for security reasons, there may need to be limitations to what is allowed in a profile.

At the same time I believe that there may be solutions possible that solve the security concerns and still allow a good profile page experience.

  • Upvote 1

Share this post


Link to post
4 hours ago, The CEO said:

At the same time I believe that there may be solutions possible that solve the security concerns and still allow a good profile page experience.

 

This may be a correct conclusion but there are still opportunities for other, less severe, misuses. That's why I am not waiting that this feature will be back.

Share this post


Link to post

I understand restricting the use of some features in user generated content. I still find it regrettable the possibility to hide and show parts of my profile on user interaction is disabled. Moving from complaining to working to a solution: Would it be possible to allow some attributes that allow a bit of javascript code under control of GCHQ to hide and show elements in a profile page?

 

I'm thinking a solution like bootstrap collapse https://getbootstrap.com/docs/4.0/components/collapse/ preferable also with an option that responds on mouse overs.

 

Although I expect your engineers to be able to write such a script, this is also an offer to write that code for you.

 

Tc

Share this post


Link to post
6 minutes ago, technetium said:

Moving from complaining to working to a solution: Would it be possible to allow some attributes that allow a bit of javascript code under control of GCHQ to hide and show elements in a profile page?

 

I asked the same question a few posts upthread and bootron's response was crystal clear: there are no plans of doing that.

  • Love 2

Share this post


Link to post

The easiest solution to fix scripts is to create your own web page for all dynamic content and give only a link to that page on the profile page. You may also attach a dynamic image on the profile page as a link.

Share this post


Link to post

@sbeelis, I interpreted @bootron 's reaction as no plans for allowing a subset of javascript. Which is hard to implement, so understandable. What I suggest is allowing users to add attributes to html elements. (I don't see how a data attribute can be a security issue, but I might learn something). The the showing and hiding of those elements is handled by a javascript under control of GSHQ (just as the tab's in the profile and pagination of logs and caches) Since they have already this kind of features. The hiding and showing can also be implemented in a secure way.

 

@arisoft Yes, I'm already working on a separate stats page. The disadvantage is that people have to leave the geocaching.com site. B.t.w. I assume you mean by dynamic image the way project-gc stats work. An image with generated stats that leads to their stats page. What I want to accomplice is dnamic with user behaviour. For examples tabs to select parts of the information and maps that zoom in on a mouse over. If you know how to realise that with a dynamic image: Please explain.

 

 

Share this post


Link to post
8 minutes ago, technetium said:

@arisoft Yes, I'm already working on a separate stats page. The disadvantage is that people have to leave the geocaching.com site. B.t.w. I assume you mean by dynamic image the way project-gc stats work. An image with generated stats that leads to their stats page. What I want to accomplice is dnamic with user behaviour. For examples tabs to select parts of the information and maps that zoom in on a mouse over. If you know how to realise that with a dynamic image: Please explain.

 

It is possible to have different image for every player. Just use cookies if you have your own web server for images.

Share this post


Link to post
2 hours ago, technetium said:

I understand restricting the use of some features in user generated content. I still find it regrettable the possibility to hide and show parts of my profile on user interaction is disabled. Moving from complaining to working to a solution: Would it be possible to allow some attributes that allow a bit of javascript code under control of GCHQ to hide and show elements in a profile page?

 

That would be a clean solution. There are countless of ASP.NET driven websites out there where the owner of the main site has little to no control over the content served by third parties. But there are ways to clean up the code on the server side. Why Groundspeak did not implement something like that remains a mystery. And an insult to people who spent a lot of time and effort to make statistics more enjoyable for other geocachers.

Share this post


Link to post
21 minutes ago, RNKBerlin said:

That would be a clean solution. There are countless of ASP.NET driven websites out there where the owner of the main site has little to no control over the content served by third parties. But there are ways to clean up the code on the server side. Why Groundspeak did not implement something like that remains a mystery. And an insult to people who spent a lot of time and effort to make statistics more enjoyable for other geocachers.

 

When there is time for such activities, cache pages must be priorized. No javascript has been allowed on cache pages for years and when the system is ready to filter javasript on safely manners it should be implemented on cache decriptions, because they are more important than profiles. Exactly the same filtering can be used for both.

Share this post


Link to post

How does changing a link from plaintext to a JS link with the original target base64 encoded make things more secure? With plaintext I can easily see what site a link will send me to before I click on it. Not so much with this change.

 

And JS links in general are just a very bad idea when thinking about usability

  • Upvote 2

Share this post


Link to post
1 minute ago, reybr said:

How does changing a link from plaintext to a JS link with the original target base64 encoded make things more secure? With plaintext I can easily see what site a link will send me to before I click on it. Not so much with this change.

 

And JS links in general are just a very bad idea when thinking about usability


This is so very true. I consider this to be a much higher security risk than just allowing plain normal links without that stupid warning alert. But if it's just base64 encoded, we should be able to make a simple user script to fix this...

Share this post


Link to post
1 hour ago, arisoft said:

 

When there is time for such activities, cache pages must be priorized. No javascript has been allowed on cache pages for years and when the system is ready to filter javasript on safely manners it should be implemented on cache decriptions, because they are more important than profiles. Exactly the same filtering can be used for both.

 

Do you speak for Groundspeak? If not, I am still waiting for an official reply. 

 

And fresh from the adding insult to injury department, this. Yes, that is my current profile page. Thanks for nothing, Groundspeak.

Screenshot_20181111-2152.png

Share this post


Link to post

OK, maybe I didn't say the "correct" thing in my original post.  When you complete a challenge cache, the owner requires you to either 1.)  Upload all the information to the log, or 2.) make sure it is available in the stats on your profile page.  The latter is what I was referring to.  COs were trying to be considerate and check on your stats without have the information posted on the page.  Clear now?

Share this post


Link to post

I m not happy at all, as many here. I do my stats with GSAK and FSG, and i saw this yesterday only. I uploaded 3 times before seeing that was a change from Groundspeak which is the problem.

I prefer stop talking of that now, because i could be very very not nice with my words...🤐

  • Upvote 1

Share this post


Link to post
10 hours ago, RNKBerlin said:

And fresh from the adding insult to injury department, this. Yes, that is my current profile page. Thanks for nothing, Groundspeak.

Screenshot_20181111-2152.png

 

This clearly is a bug. Bugs happen. In all software. You really need to take a chill pill.

Edited by thomfre
typo
  • Upvote 1

Share this post


Link to post
1 hour ago, thomfre said:

This clearly is a bug. Bugs happen. In all software

 

GS is changing there System from "working" to "Server Error" and you are telling us this is the way software works?

I expect that systems are tested before they go live, I don't want to be GS testing Guinea pig.

Share this post


Link to post
3 hours ago, DragonSoldier45 said:

OK, maybe I didn't say the "correct" thing in my original post.  When you complete a challenge cache, the owner requires you to either 1.)  Upload all the information to the log, or 2.) make sure it is available in the stats on your profile page.  The latter is what I was referring to.  COs were trying to be considerate and check on your stats without have the information posted on the page.  Clear now?

Ah, now I understand what you were saying.  It's too bad that the changes will not help with those challenge caches (CC's) in the same way as before.  Keep in mind that those would only be the grandfathered pre-moratorium CC's - since the post-moratorium CC's do not require the finder to prove they have qualified.  The CO would use a challenge checker to confirm the finder's qualified.  Complaining about how security-related changes are making things harder for pre-moratorium CC's seems like another proverbial nail in the coffin of challenge caches.  Personally, I prefer attaching a screenshot of my statistics to my CC "Found It" logs, because my statistics could change later and I might become unqualified.  So, I want to "snapshot" that I qualified at the time I logged the find.  Something to consider.

Share this post


Link to post
3 minutes ago, Mausebiber said:

 

GS is changing there System from "working" to "Server Error" and you are telling us this is the way software works?

I expect that systems are tested before they go live, I don't want to be GS testing Guinea pig.

Server Error is not how RNKBerlin's page looks when I click on his Profile now.

The Server Error is not because of the changes in this thread's OP.  It's because of general server issues with the site.  That error has popped up for various people visiting various pages, not just the Profile page.  See  HERE.

Share this post


Link to post
2 minutes ago, noncentric said:

The Server Error is not because of the changes in this thread's OP.  It's because of general server issues with the site.  That error has popped up for various people visiting various pages, not just the Profile page

 

Thanks, it just happened at about the same time, so I thought the rollout of new SW was causing the error.

Share this post


Link to post
38 minutes ago, Mausebiber said:

 

GS is changing there System from "working" to "Server Error" and you are telling us this is the way software works?

I expect that systems are tested before they go live, I don't want to be GS testing Guinea pig.

 

They did not change it from working to "Server Error". Nobody does that. But bugs are rather common in software development. There's always that one thing you forgot to test, that is different in production.

For all I know, this could even be a problem with the load balancer. It's probably anyway unrelated to the profile page change, since it affects all pages (seemingly randomly).

The systems are tested. But keep in mind that Groundspeak has less than 100 employees. Even Facebook and Google, with thousands of devs, have bugs in production...

It sucks when things doesn't work, I fully agree on that. But it doesn't help to attack the people that can fix it...

  • Helpful 2

Share this post


Link to post
18 hours ago, thomfre said:
18 hours ago, reybr said:

How does changing a link from plaintext to a JS link with the original target base64 encoded make things more secure? With plaintext I can easily see what site a link will send me to before I click on it. Not so much with this change.

 

And JS links in general are just a very bad idea when thinking about usability


This is so very true. I consider this to be a much higher security risk than just allowing plain normal links without that stupid warning alert. But if it's just base64 encoded, we should be able to make a simple user script to fix this...

 

Exactly. If this change was solely to intercept links and popup a fairly standard "This link takes you away from geocaching.com" confirmation dialog, the page can easily intercept standard link interactions without hijacking the href attribute.   That content should absolutely remain as intended.  Obfuscating URLs isn't secure unless it's for a much bigger reason (like search engines hiding the query page from being a referer source; which is a whole other type of annoying for web traffic statistics analysis, but whatev).  I don't think there's any reason to hide profile pages as a referrer.  And as I recall the https protocol also now doesn't show referer urls from secure SSL to non-secure websites anyway which much of the internet still is (and geocaching.com is entirely SSL now, afaik).

Share this post


Link to post

A reminder: in this Release Notes thread, please limit comments to the changes in the Geocaching.com profile pages.  Unrelated complaints, bug reports, etc. should be discussed in other threads.  Thank you.

Share this post


Link to post
1 hour ago, Keystone said:

A reminder: in this Release Notes thread, please limit comments to the changes in the Geocaching.com profile pages.  Unrelated complaints, bug reports, etc. should be discussed in other threads.  Thank you.

 

My pleasure. I would still greatly appreciate answers to the questions asked in this post, this post, and this post. Thank you.

Edited by RNKBerlin

Share this post


Link to post
20 minutes ago, The Jester said:

You might not know, but Keystone is a volunteer moderater (and reviewer) and doesn't get a salary (at least, not from GS.com).

 

 

Thanks for the information. I did not know that. I have updated my post accordingly. I am still waiting for Groundspeak to answer these questions. 

Share this post


Link to post
35 minutes ago, RNKBerlin said:

 

My pleasure. I would still greatly appreciate answers to the questions asked in this post, this post, and this post. Thank you.

Since I'd like to get out geocaching today instead of volunteering my time to mind the store here in the forums, I will simplify things:  Don't post again to this thread.  Wait for Geocaching HQ staff to return after the three day holiday weekend, and see if they answer those questions.

Share this post


Link to post
On 11/8/2018 at 5:27 PM, thebruce0 said:

Well, count me as one affected. hmph.

I liked the speed loading the profile page with static content, then loading an auto-updated optional large caching gsak stats page if the user wished, and not needing to regularly update the profile content.  Boo. Back to the more tedious basics.

 

Me too.  I include statistics generated from project-gc.  Previously I could click on the image and it would take me to the project-gc site where I could see all of the tabs  (e.g. Maps) in my project-gc profile.  Now I can't.

Share this post


Link to post
58 minutes ago, NYPaddleCacher said:

Me too.  I include statistics generated from project-gc.  Previously I could click on the image and it would take me to the project-gc site where I could see all of the tabs  (e.g. Maps) in my project-gc profile.  Now I can't.

 

I looked at your profile and clicked the image. It warned about leaving the site and about a popup window and finally I got your statistics loud and clear. What is the problem?

Share this post


Link to post
2 minutes ago, arisoft said:
1 hour ago, NYPaddleCacher said:

Me too.  I include statistics generated from project-gc.  Previously I could click on the image and it would take me to the project-gc site where I could see all of the tabs  (e.g. Maps) in my project-gc profile.  Now I can't.

 

I looked at your profile and clicked the image. It warned about leaving the site and about a popup window and finally I got your statistics loud and clear. What is the problem?

 

Middle click. Open in new tab. Do anything with the href link other then a mere left click or finger tap. Many people use the link in other more efficient ways, because it allows them to control how the link is treated.  Hijacking the href URL to work only in a limited subset of standard browser interactions breaks all of that.

  • Upvote 3

Share this post


Link to post
9 minutes ago, thebruce0 said:

Middle click. Open in new tab. Do anything with the href link other then a mere left click or finger tap. Many people use the link in other more efficient ways, because it allows them to control how the link is treated.  Hijacking the href URL to work only in a limited subset of standard browser interactions breaks all of that.

Doing a regular "left-click" of the PGC section opens the PGC page in a new tab. (in Firefox 63.0.1)

Doing a "right-click" -> "Open in new tab" of the PGC section opens the same geocaching.com profile page in a new tab. (in Firefox 63.0.1)

Is this different than how it functioned before this Profile page change?

 

Edited by noncentric
clarify

Share this post


Link to post
14 minutes ago, noncentric said:

Doing a regular "left-click" of the PGC section opens the PGC page in a new tab. (in Firefox 63.0.1)

Doing a "right-click" -> "Open in new tab" of the PGC section opens the same geocaching.com profile page in a new tab. (in Firefox 63.0.1)

Is this different than how it functioned before this Profile page change?

 

 

Yes. Links were left as the user left them in the source html. They are now hijacked during HTML sanitizing for gc.com script interception. Now, "Open in new tab" opens the same GC profile page because the URL is the same as current - the profile page you're looking at. The hijack is in place by appending a hash to the URL which the GC script recognizes, so that it can intercept the link, prompt the confirmation, then follow through with the original URL (which can only be done via the GC script, not with standard browser behaviour).

 

Before the change, the link was just the destination URL. Browser actions on the link were normal. "Open in a new tab" would open the intended destination URL in a new tab. Not so now.

 

Or, as an example in extremely simplified code:

Before:

<a href="http://mydestinationwebsite.url">Click me!</a>

After:

<a href="https://geocaching.com/current-profile-url#interceptable-mydestinationwebsite-url">Click me now!</a>

If you open the latter in a new tab, the hash is irrelevent and the same profile page displays. If you open the link in the normal way (ie, left click or tap), the GC script intercepts the action, does the navigate confirmation, and reads the hash data to take the user to the original intended destination url, which is no longer possibel using any other method.

 

There are alternate ways of accomplishing this popup confirmation without hijacking the original HREF link attribute.

Edited by thebruce0
  • Upvote 1

Share this post


Link to post
8 minutes ago, thebruce0 said:

Or, as an example in extremely simplified code:

Before:


<a href="http://mydestinationwebsite.url">Click me!</a>

After:


<a href="https://geocaching.com/current-profile-url#interceptable-mydestinationwebsite-url">Click me now!</a>

 

The simplified code helped.  The word explanation felt like it was going above my head.  😉

 

Interesting.

The other thing I noticed is that the PGC section isn't clickable, either left-click or right-click, in that second geocaching.com profile tab. That seems really odd.

 

Share this post


Link to post
On 11/10/2018 at 1:17 AM, Frau Potter said:

We generally do not warn users before we make security-related updates. In this case, we looked at the changes resulting from the updates and felt that the most important parts of the profile features were still working, and the remaining features could be updated over time.

 

Hi Cindy!

 

Looks like the milestones form the standard statistics are affected, too. As well as the GSAK-FSG statistics who look pretty uggly now, hope they will come with a quick fix...

 

Bye,

Christian

Share this post


Link to post
3 minutes ago, monsterbox said:

 

Hi Cindy!

 

Looks like the milestones form the standard statistics are affected, too. As well as the GSAK-FSG statistics who look pretty uggly now, hope they will come with a quick fix...

 

Bye,

Christian

 

I see the same. Milestones doesn't work at all (the geocaching.com provided statistics). I also see some error messages in the JS console, so I guess there's something wrong somewhere.

Maybe not the best idea to release major changes right before an extended weekend...

  • Upvote 1
  • Funny 1

Share this post


Link to post
18 hours ago, thebruce0 said:

 

Yes. Links were left as the user left them in the source html. They are now hijacked during HTML sanitizing for gc.com script interception. Now, "Open in new tab" opens the same GC profile page because the URL is the same as current - the profile page you're looking at. The hijack is in place by appending a hash to the URL which the GC script recognizes, so that it can intercept the link, prompt the confirmation, then follow through with the original URL (which can only be done via the GC script, not with standard browser behaviour).

 

Before the change, the link was just the destination URL. Browser actions on the link were normal. "Open in a new tab" would open the intended destination URL in a new tab. Not so now.

 

Or, as an example in extremely simplified code:

Before:


<a href="http://mydestinationwebsite.url">Click me!</a>

After:


<a href="https://geocaching.com/current-profile-url#interceptable-mydestinationwebsite-url">Click me now!</a>

If you open the latter in a new tab, the hash is irrelevent and the same profile page displays. If you open the link in the normal way (ie, left click or tap), the GC script intercepts the action, does the navigate confirmation, and reads the hash data to take the user to the original intended destination url, which is no longer possibel using any other method.

 

There are alternate ways of accomplishing this popup confirmation without hijacking the original HREF link attribute.

 

Still struggling with this, here is my previous code, what do I need to change to make it work please? TIA
 

<a href="https://gallery.mailchimp.com/e6e20779eb7dd16ab4becdf4a/images/71644239-94c8-4ac7-a784-0b5380349d5d.png" target="_blank"><img src="https://gallery.mailchimp.com/e6e20779eb7dd16ab4becdf4a/images/71644239-94c8-4ac7-a784-0b5380349d5d.png" height="132" alt="GAGB CITO 2017 Badge"></a>
</td>

 

Share this post


Link to post
1 hour ago, Kaarthuul said:

Still struggling with this, here is my previous code, what do I need to change to make it work please? TIA
 

<a href="https://gallery.mailchimp.com/e6e20779eb7dd16ab4becdf4a/images/71644239-94c8-4ac7-a784-0b5380349d5d.png" target="_blank"><img src="https://gallery.mailchimp.com/e6e20779eb7dd16ab4becdf4a/images/71644239-94c8-4ac7-a784-0b5380349d5d.png" height="132" alt="GAGB CITO 2017 Badge"></a>
</td>

 

Nothing you can do now. Not unless Groundspeak removes the HREF attribute hijacking. We have to put up with a left-click or tap interaction, and the confirmation popup.

Share this post


Link to post
5 minutes ago, thebruce0 said:

 

Nothing you can do now. Not unless Groundspeak removes the HREF attribute hijacking. We have to put up with a left-click or tap interaction, and the confirmation popup.

 

 

I get the popup and say OK but it just opens another profile page instead of the link. The post above talked about changing the HREF link to go via geocaching.com but I could not get it to work?

Edited by Kaarthuul

Share this post


Link to post
8 minutes ago, Kaarthuul said:

 

 

I get the popup and say OK but it just opens another profile page instead of the link. The post above talked about changing the HREF link to go via geocaching.com but I could not get it to work?

 

You can get this to work in your browser by using my user script: https://thomfre.net/gcunappifier.user.js (you will need to install Tampermonkey first).

  • Upvote 1
  • Helpful 1

Share this post


Link to post
6 minutes ago, thomfre said:

 

You can get this to work in your browser by using my user script: https://thomfre.net/gcunappifier.user.js (you will need to install Tampermonkey first).

 

Works like a charm but it should be fixed at GS' side so it works for everyone.

 

  • Upvote 1

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
Followers 15

×