On Tue, 7 Dec 1999, Joshua Chamas wrote:
> Bill Desjardins wrote:
> >
> > > I don't need these non-cookie secure sessions myself, but if
> > > I am going to give ASP developers a session option, it should be
> > > possible to make secure.
> >
> > Here is how I solved the problem with redirecting offsite when I am using
> > the URI for session tracking. Since I have never used ASP or Apache::ASP,
> > I am not sure if you could implement this somehow.
> >
> > I fixup all offsite URL's (in my Racing_Links Section) so that the href
> > looks like this:
> >
> > <a href='/Redirect_External?redir_url=http://url.toget.com/blahblahblah'
> > target='new'>
> >
> ...
> >
> > print qq|<html><head><meta http-equiv=refresh
> > content='0;URL=$redir_url'></head><body></body></html>|;
> >
> > return OK;
> > }
> >
>
> <meta refresh> === Brilliant !!
Almost brilliant. Some browsers do NOT support this functionality.
Do ALL surfers use NS and IE? Obviosly not! Which makes this solution a
so-so.
At least you have provide the <A HREF=""></A> to the final destination
inside the html body.
But if you intercept the redirection, why not to strip/modify the
HTTP_REFER header at the server side?
_______________________________________________________________________
Stas Bekman mailto:[EMAIL PROTECTED] http://www.stason.org/stas
Perl,CGI,Apache,Linux,Web,Java,PC http://www.stason.org/stas/TULARC
perl.apache.org modperl.sourcegarden.org perlmonth.com perl.org
single o-> + single o-+ = singlesheaven http://www.singlesheaven.com
