From a4874cba03660c3c2169c71c1d32e5474304d984 Mon Sep 17 00:00:00 2001
From: Steve Clay <steve@mrclay.org>
Date: Sun, 31 Mar 2013 20:22:53 -0400
Subject: Fixes #5297: Improve error message in cases of suspected cross-domain
 login

---
 htaccess_dist | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'htaccess_dist')

diff --git a/htaccess_dist b/htaccess_dist
index 898fa22fb..44d129475 100644
--- a/htaccess_dist
+++ b/htaccess_dist
@@ -112,6 +112,14 @@ RewriteEngine on
 #
 #RewriteBase /
 
+
+# If your users receive the message "Sorry, logging in from a different domain is not permitted"
+# you must make sure your login form is served from the same hostname as your site pages.
+# See http://docs.elgg.org/wiki/Login_token_mismatch_error for more info.
+#
+# If you must add RewriteRules to change hostname, add them directly below (above all the others)
+
+
 # In for backwards compatibility
 RewriteRule ^pg\/([A-Za-z0-9\_\-]+)$ engine/handlers/page_handler.php?handler=$1&%{QUERY_STRING} [L]
 RewriteRule ^pg\/([A-Za-z0-9\_\-]+)\/(.*)$ engine/handlers/page_handler.php?handler=$1&page=$2&%{QUERY_STRING} [L]
-- 
cgit v1.2.3