Looking further into this, seems like Request.ServerVariables("HTTP_REFERER") cannot be relied upon in all circumstances...

For example: http://classicasp.aspfaq.com/general...p-referer.html

...to the extent that it's not the solution I am after. Ultimately, I'm looking for a way to make an ASP page deliver output A to the browser if accessed directly (i.e. its path is entered in the address bar of the browser) and output B to the browser if the page is embedded wihin an iframe. As I said in my first post, it is perhaps a strange request, and there may not be a suitable approach. I welcome any additional suggestions from anyone. Thanks.

The problem with Piracy is that there is no 100% full proof system to keep your stuff from being ripped off. (though when Sonic Foundary existed they did a particularly good job of fighting the problem: the serial # required to activate their products was completely dependant on the components contained in a users system. Their software would generate a product key based upon the PC setup and then you would have to call an 800 number to get a Serial Number that corolated to the key you provided.) I would suggest a COM component or something similiar that the user would have to install on their server, however, you would have to figure out a way for this component to stop connecting to your server if, say, the subscriber quit paying for X service. (Which this could be as easy as a username and password that would have to be sent along with a request and then disallowing that user)

Of course I could eaisly take X component and give it to my friend for them to use, give them my username and password and viola, they now have access to the service.



--Stole this from a moderator

I will only tell you how to do it, not do it for you.
Unless, of course, you want to hire me to do work for you.

Yep - good suggestions. I agree, it's a bit of a nightmare to try to protect something 100%.