Ask a Question related to ASP.NET Security, Design and Development.
-
Jay Janarthanan #1
POST method and HTTP-REFER
We have a application which allows other authorized sites to send users to
our site...when the user is sent to us, user info is sent to us as a hidden
Form variable and we use the HTTP-REFER variable to make sure the user is
coming from an approved site. Now I understand the user of HTTP-REFER is not
a good idea, is there any other ways to validate where a user is coming
from.
Jay
Jay Janarthanan Guest
-
How to call a web method using http get/post?
Hi folks, Is there anyway to call a web method over an HTTP protocol using the GET/POST methods (without using the SOAP protocol)??? Any help... -
Post method
Hi there Someone know how to capture the vars and values from the POST method, such like a Matts' FormMail, i want to do somethink like that, and... -
using post method
Hello All, I am trying to use the post method in perl to fill a form. The form is actually for sending an instant message to a cell phone, i would... -
ASP, FORMS, POST METHOD And Post with out form(???)
Lets see if I can decribe, this... I have a form on an html page, that will call a remote site with a post method. Prior to running off to the... -
"The system cannot find the file specified." when invoking method ~HTTP Get/Post
Developed and successfully tested my web service on a development server with .asmx mapped to v1.0.3705 \aspnet_isapi.dll, but when I migrated it... -
Fredrik Normén www.NSQUARED2.net #2 POST method and HTTP-REFER
You can use the REMOTE_ADDR server variable to get the
users IP adress and use it instead of HTTP_REFER.
But the only way to get the page a user came from is with
the HTTP_REFER..
/Fredrik Normén NSQUARED2
[url]http://www.nsquared2.net[/url]
to send users to>-----Original Message-----
>We have a application which allows other authorized sitesto us as a hidden>our site...when the user is sent to us, user info is sentsure the user is>Form variable and we use the HTTP-REFER variable to makeof HTTP-REFER is not>coming from an approved site. Now I understand the useruser is coming>a good idea, is there any other ways to validate where a>from.
>
>Jay
>
>
>.
>Fredrik Normén www.NSQUARED2.net Guest
-
Jay Janarthanan #3 Re: POST method and HTTP-REFER
Thanks...but we need to know where the user came from. HTTP_REFER is good,
but some time older browsers don't support it. We found the support around
96%., but for me the biggest worry is the security and since HTTP_REFER is
at Layer7, it can be spoofed a lot easily.
Jay
"Fredrik Normén www.NSQUARED2.net" <fredrik@nospam.com> wrote in message
news:0e5d01c38b16$6fda8880$a401280a@phx.gbl...
You can use the REMOTE_ADDR server variable to get the
users IP adress and use it instead of HTTP_REFER.
But the only way to get the page a user came from is with
the HTTP_REFER..
/Fredrik Normén NSQUARED2
[url]http://www.nsquared2.net[/url]
to send users to>-----Original Message-----
>We have a application which allows other authorized sitesto us as a hidden>our site...when the user is sent to us, user info is sentsure the user is>Form variable and we use the HTTP-REFER variable to makeof HTTP-REFER is not>coming from an approved site. Now I understand the useruser is coming>a good idea, is there any other ways to validate where a>from.
>
>Jay
>
>
>.
>
Jay Janarthanan Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
