RE: HTTPS redirections
- From: "Sergii Khomenko" <sergey.khomenko@xxxxxxxxx>
- Date: Mon, 27 Aug 2007 14:41:26 +0300
Anthony,
Like Jason said this can be done by using http header information - referer field.
By javascript for example you can access referer and depending on referer send a visitor to a page(site) you prefer.
Here is an example how to access referer field by javascript http://www.netmechanic.com/news/vol4/javascript_no14.htm
sergii
-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of Jason Ross
Sent: Saturday, August 25, 2007 12:13 AM
To: anthony@xxxxxxxxxxxx
Cc: security-basics@xxxxxxxxxxxxxxxxx
Subject: Re: HTTPS redirections
On 8/24/07, anthony@xxxxxxxxxxxx <anthony@xxxxxxxxxxxx> wrote:
I have noticed how some websites only allow access to a particular
page if a link within the page has been 'clicked' ie. user cannot
paste link address in browser bar to get to desired page.
For security purposes I would like to create a script and achieve
similar results.
I believe that (at least one way) this is done is by checking the
referer header. In PHP this can be accessed via the predefined
variable: $_SERVER['HTTP_REFERER'], other languages should have
similar methods of obtaining this.
AFAIK, there is not a difference between HTTP and HTTPS as far as
this method is concerned.
--
Jason
- References:
- Re: HTTPS redirections
- From: Jason Ross
- Re: HTTPS redirections
- Prev by Date: Advice regarding servers and Wiping Drives after testing
- Next by Date: RE: HTTPS redirections
- Previous by thread: RE: HTTPS redirections
- Next by thread: RE: HTTPS redirections
- Index(es):
Relevant Pages
|
