Fixes #5297: Improve error message in cases of suspected cross-domain login

author: Steve Clay <steve@mrclay.org> 2013-03-31 20:22:53 -0400
committer: Steve Clay <steve@mrclay.org> 2013-03-31 20:22:53 -0400
commit: a4874cba03660c3c2169c71c1d32e5474304d984 (patch)
tree: 55a3d85ee24b0acd653333b15acbdc8d0c1cd078 /htaccess_dist
parent: 835c7fe5eb77343081b9bd33ec465f9ce8929570 (diff)
download: elgg-a4874cba03660c3c2169c71c1d32e5474304d984.tar.gz
elgg-a4874cba03660c3c2169c71c1d32e5474304d984.tar.bz2
1 files changed, 8 insertions, 0 deletions
diff --git a/htaccess_dist b/htaccess_dist
index 898fa22fb..44d129475 100644
--- a/htaccess_dist
+++ b/htaccess_dist
@@ -112,6 +112,14 @@ RewriteEngine on
 #
 #RewriteBase /
 
+
+# If your users receive the message "Sorry, logging in from a different domain is not permitted"
+# you must make sure your login form is served from the same hostname as your site pages.
+# See http://docs.elgg.org/wiki/Login_token_mismatch_error for more info.
+#
+# If you must add RewriteRules to change hostname, add them directly below (above all the others)
+
+
 # In for backwards compatibility
 RewriteRule ^pg\/([A-Za-z0-9\_\-]+)$ engine/handlers/page_handler.php?handler=$1&%{QUERY_STRING} [L]
 RewriteRule ^pg\/([A-Za-z0-9\_\-]+)\/(.*)$ engine/handlers/page_handler.php?handler=$1&page=$2&%{QUERY_STRING} [L]
author	Steve Clay <steve@mrclay.org>	2013-03-31 20:22:53 -0400
committer	Steve Clay <steve@mrclay.org>	2013-03-31 20:22:53 -0400
commit	a4874cba03660c3c2169c71c1d32e5474304d984 (patch)
tree	55a3d85ee24b0acd653333b15acbdc8d0c1cd078 /htaccess_dist
parent	835c7fe5eb77343081b9bd33ec465f9ce8929570 (diff)
download	elgg-a4874cba03660c3c2169c71c1d32e5474304d984.tar.gz elgg-a4874cba03660c3c2169c71c1d32e5474304d984.tar.bz2