You can check the "HTTP_REFERRER" host header info. If you click an url (hyperlink) http://localhost:8080/app/str/testview_srchpost.do which is given in http://localhost:8080/app/str/index.jsp page then the referrer would be http://localhost:8080/app/str/index.jsp if you just type the url in the location bar, then the referrer would be blank. You can check that out and send a status 500 in the header.
> -----Original Message----- > From: Syed, Nazeer [mailto:[EMAIL PROTECTED] > Sent: Friday, August 22, 2003 7:11 PM > To: Struts Users Mailing List > Subject: RE: Disallow user to modify URL in browser address bar > > > > If testview_srchpost.do and testtwoview_srchpost.do are > valid action then you cannot restrict. This means > testview_srchpost.do, esttwoview_srchpost.do are in Struts > Config File > > If that testtwoview_srchpost.do not Valid action then It will > go default page or Error Page > > Thanks > Nazeer > > > -----Original Message----- > From: sriram [mailto:[EMAIL PROTECTED] > Sent: Friday, August 22, 2003 2:16 AM > To: 'Struts Users Mailing List' > Subject: Disallow user to modify URL in browser address bar > > How to identify if user has manipulated the URL in Address > Bar of the browser? > > For ex., the application displays a page with the following URL: > http://localhost:8080/app/str/testview_srchpost.do Now, the user modifies the URL in the address bard. Instead of testview_srchpost.do, user types testtwoview_srchpost.do and clicks ENTER. I want to restrict such types of URL modification Struts application. I should take the user to a default access denied page when ever user does such changes. How to identify this action of the user? Pl. give some ideas.
This e-Mail may contain proprietary and confidential information and is sent for the intended recipient(s) only. If by an addressing or transmission error this mail has been misdirected to you, you are requested to delete this mail immediately. You are also hereby notified that any use, any form of reproduction, dissemination, copying, disclosure, modification, distribution and/or publication of this e-mail message, contents or its attachment other than by its intended recipient/s is strictly prohibited. Visit Us at http://www.polaris.co.in
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
