Click here to Skip to main content
15,867,310 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
Hi,
I have a web application IN ASP.NET 3.5.
My question is how can I prevent the web page to open when the url is directly entered in the browser. I want the user to access the web page only through the application and not directly entering the Url in a browser.

Your help will be highly appreciated.

Thanks.
Posted
Comments
Sergey Alexandrovich Kryukov 4-May-12 17:56pm    
Why? Why?!
--SA

When the page opens from your app you can pass a token so that the page knows it's been opened from the app. If the token is not present then display an error page.
 
Share this answer
 
Comments
syed armaan hussain 4-May-12 18:58pm    
can u please tel me how to pass a token . am beginner
Sergey Alexandrovich Kryukov 4-May-12 22:50pm    
Can you explain why the user cannot do the same? However, it depends on what is the user...
--SA
R. Giskard Reventlov 4-May-12 23:06pm    
I don't want to give him everything and my solution is a little simplistic but he could populate a session variable when the user first logs in.
Sergey Alexandrovich Kryukov 8-May-12 13:21pm    
Fair enough. Come to think about, you did not give OP the solution of what he wanted. It was not a reasonable answer anyway, as I actually tried to explain.
Instead, you have given him a reasonable alternative. OP cannot prevent the user from loading any page the user wants using any URL which gives HTTP response in other cases (in the cases of referrals OP considers legitimate). I still think the Web developer cannot do it (and in certain sense, has no right to prevent it).
So, I vote 5.
--SA
R. Giskard Reventlov 8-May-12 13:52pm    
Actually, yes you can prevent a page from opening by the method given. It won't matter what the user types in as the url, if a token of some description is not present then go to another page, hence the page requested is never displayed. You could do this a number of different ways but using a session variable is the simplest.
You have no right to prevent the user from typing the URL and loading a page, nor you have any control over it. And this is good. You could understand it if you analyzed how Web works.

If you explain the purpose of your question, you might get a useful advice, depending on what is that purpose.

[EDIT]

Instead of having this pointless task, you can do something more reasonable. For exactly, one the server side you can check up the referral and generate some essential context if you find the referral is legitimate and do something else if it is not, for example, redirect to error page. Please see:
http://msdn.microsoft.com/en-us/library/system.web.httprequest.urlreferrer.aspx[^].

—SA
 
Share this answer
 
v2
Comments
syed armaan hussain 4-May-12 18:57pm    
my application in like an admin pannel!
user have to access the web pages by givin ID pass...
but if user know the url of pages .. he can directly access the pages simply by putting URL in browser
R. Giskard Reventlov 4-May-12 19:07pm    
Er, yes he has the right to do whatever he wants. Might be crap but that isn't for you or I to say. Don't be so dictatorial.
Sergey Alexandrovich Kryukov 4-May-12 22:49pm    
This is not me. Why would I be dictatorial? This is the user who has every right to use any URL and load any page if it exists on the server. Do you disagree? Would be interesting...
--SA
R. Giskard Reventlov 4-May-12 23:04pm    
You said to him: "You have no right to prevent the user from typing the URL and loading a page". That is being dictatorial.
Sergey Alexandrovich Kryukov 5-May-12 21:27pm    
I understood what you thought in first place. Not everything should be read literally...
--SA
Hi,
You should use forms authentication to prevent the user to directly enter the url and accessing the page. They will have to go through the Root directory, that is your home page first.

Use this in your web.config

XML
<allow users="*"/>
<deny users="?"/>


-AK
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900