Security Issue - End user copying the URL to next tab and processing. Lot of data problem

Question

0.00/5 (No votes)

See more:

1.In our application, we have restricted the right click but the end user is copying the URL and paste in another tab and using. I want to restrict this activity. I can use Window.open to popup a new window without address bar,title bar, menubar likewise.... but I can't suggest the end user to enable the popup windows.

2. More over query string problem also. We are using Response.Redirect and Response.Redirect doesn't support POST method....What to do ?
But I tried to use Server.Transfer also but getting design issues.

Kindly reply with your valuable comments and feedbacks....

I would appreciate if I really find a implementable solution here...

Thank you....

Posted 19-Jan-13 23:53pm

chenthil28

Add a Solution

2 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

**Zoltán Zörgő** · Answer 1 · 2013-01-20T02:16:00

1) you can't prevent users doing such things
2) store everything needed in session variables

What you can/should use: CSRF tokens[^]. If you need you can implement even simple links as forms, to have it under control.
If you want to force users to follow a specific path in the application, you can create one-time random cookies with their pair stored in session. This is a technique, not a concrete tool. Every cookie is valuable for the following step only, thus even if the user opens an other window with the same url, only one of them can be used.
But everything depends on what kind of application you are making, for what purpose.

Sandeep Mewara · Answer 2 · 2013-01-20T00:27:00

I can use Window.open to popup a new window without address bar,title bar, menubar likewise.... but I can't suggest the end user to enable the popup windows.
Window.Open is not opening a popup and does not need popup blocker to be inactive.

Response.Redirect and Response.Redirect doesn't support POST method
You can use JavaScript and send the request to server in a specified manner.

Similar discussion in detail here: Response.Redirect with POST instead of Get?[^]
It says:
... way to implement something like this would be to use JavaScript. There are two options I can think of off the top of my head:
- Create the form and have it's action attribute point to the third-party server. Then, add a click event to the submit button that first executes an AJAX request to your server with the data, and then allows the form to be submitted to the third-party server.
- Create the form to post to your server. When the form is submitted, show the user a page that has a form in it with all of the data you want to pass on, all in hidden inputs. Just show a message like "Redirecting...". Then, add a JavaScript event to the page that submits the form to the third-party server.

Security Issue - End user copying the URL to next tab and processing. Lot of data problem

2 solutions

Solution 2

Solution 1

Add your solution here

Preview 0