asp_databases thread: Security
Message #1 by "Peter R Hawkes" <asp@p...> on Sun, 28 May 2000 9:34:9
|
|
I recall a member mentioning the use of http_referer to establish where a
visitor to a page had come from? I have been using a combination of Session
variables and DB checking to ensure that a visitor is genuine.
Can anyone help me with how to use http_referer to ensure a visitor has
come from the expected page
peter H
Message #2 by "Ruud Voigt" <RuudVoigt@w...> on Sun, 28 May 2000 13:37:13 +0200
|
|
MS IE only sends the reffer in the header
over a secure connection (SSL).
-----Original Message-----
From: Peter R Hawkes []
Sent: Sunday, May 28, 2000 12:00 AM
To: ASP Databases
Subject: [asp_databases] Security
I recall a member mentioning the use of http_referer to establish where a
visitor to a page had come from? I have been using a combination of Session
variables and DB checking to ensure that a visitor is genuine.
Can anyone help me with how to use http_referer to ensure a visitor has
come from the expected page
peter H
---
Message #3 by "Ken Schaefer" <ken.s@a...> on Sun, 28 May 2000 22:51:03 +1000
|
|
If Request.ServerVariables("HTTP_Referer") = "correctpreviouspage.asp" then
' write the page
else
response.redirect("youdidnotcomefromtherightpage.asp")
end if
Cheers
Ken
----- Original Message -----
From: "Peter R Hawkes"
To: "ASP Databases" <asp_databases@p...>
Sent: Sunday, May 28, 2000 12:00 AM
Subject: [asp_databases] Security
> I recall a member mentioning the use of http_referer to establish where a
> visitor to a page had come from? I have been using a combination of
Session
> variables and DB checking to ensure that a visitor is genuine.
>
> Can anyone help me with how to use http_referer to ensure a visitor has
> come from the expected page
>
> peter H
>
|
View Cart
