Ask a Question related to Macromedia ColdFusion, Design and Development.
-
Earl #1
Restrict page access to parent page only (not by permissions)
I wish to restrict access of a pop-up page to parent page only.
i.e. - if a request for "popup.cfm" comes from anywhere except
"launch.cfm" then redirect the request back to "launch.cfm". I have
cases where the links are to plain dot.CFM pages and pages with
dot.CFM?#URLvariables#
I've tried <cfif> conditionals with "server_name", "cgi.remote_addr" and
such but can't get them to work below domain or IP scope. In plain
english: if referrer is not launch.cfm redirect to launch.cfm.
CFMX7 on Windows 2003
Earl Guest
-
Restrict Access to Index Page
I would like to limit access for a user to just a website's main index page. I have found in Contribute that you can only restrict access by... -
how to access user web control from parent page?
Hi, I've created a user web control with 4 drop down list boxes in it. I've added this user control to my main web form page. I created the... -
Restrict Access To Page MX2004
Yes me too...how to resolve? Anyone? -
cant get Restrict Access to Page server behaviour towork
All my asp pages have been working up until now. The first problem started when I put the Restrict Access to Page server behaviour on a page... it... -
Access properties of parent page from user control
I am trying to build a control that can only be used on a page that inherits from a custom class. This base class as a series of public... -
Stressed_Simon #2 Re: Restrict page access to parent page only (not bypermissions)
This should do the trick, althogh I have not checked to see how calling from
JavaScript will effect the CGI variable.
<!--- if this page was not referenced from launch.cfm then redirect to
launch.cfm --->
<cfif Right(CGI.HTTP_Referer, 10) IS NOT "launch.cfm">
<cflocation url="launch.cfm">
</cfif>
Stressed_Simon Guest
-
mxstu #3 Re: Restrict page access to parent page only (not bypermissions)
I think some software (Norton, et. al.) can block the CGI.HTTP_REFERER variable
from being populated. So it is possible that the CGI.HTTP_REFERER on the pop-up
page may be blank ("") even if the user legitimately accessed the pop-up page
through "launch.cfm". Just something to think about.
What about passing some sort of encrypted value as a parameter? Then on the
pop-up page, you could check the value and if it is not correct, redirect the
user to the launch.cfm page?
mxstu Guest
-
Earl #4 Re: Restrict page access to parent page only (not by permissions)
mxstu wrote:
Thanks for both reponses!> I think some software (Norton, et. al.) can block the CGI.HTTP_REFERER variable
> from being populated. So it is possible that the CGI.HTTP_REFERER on the pop-up
> page may be blank ("") even if the user legitimately accessed the pop-up page
> through "launch.cfm". Just something to think about.
>
> What about passing some sort of encrypted value as a parameter? Then on the
> pop-up page, you could check the value and if it is not correct, redirect the
> user to the launch.cfm page?
>
>
>
Stressed, I went with something like this:
<cfif CGI.HTTP_Referer DOES NOT CONTAIN "gallery.cfm">
<cflocation url="images.cfm" addtoken="no">
</cfif>
and it worked beautifully, until I read a good bit about how Norton and
other tools do seems to whack this approach. Maybe I could put a "this
site for Mac and *nix only" banner up?
So I tried and tried mxstu's approach and came up with this:
<cfif IsDefined("url.gal_ImageID")>
which prevents accidental landings on the page (should have been there
to start with!) but does not prevent people from refering directly to
the pop-up pages. Referral seems to be what I need, back to the drawing
board...
Earl Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
