RE: Disallow user to modify URL in browser address bar

2003-08-25 Thread thirumalai . veeraswamy
in the location bar, then the referrer would be blank. You can check that out and send a status 500 in the header. -Original Message- From: Syed, Nazeer [mailto:[EMAIL PROTECTED] Sent: Friday, August 22, 2003 7:11 PM To: Struts Users Mailing List Subject: RE: Disallow user to modify URL

RE: Disallow user to modify URL in browser address bar

2003-08-25 Thread sriram
To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: Disallow user to modify URL in browser address bar Importance: High You can check the HTTP_REFERRER host header info. If you click an url (hyperlink) http://localhost:8080/app/str/testview_srchpost.do which is given in http://localhost:8080

RE: Disallow user to modify URL in browser address bar

2003-08-22 Thread James Mitchell
What you are wanting is not possible. It's YOUR job (as a developer) to handle situations where they may have done so. Hint: unknown=true Good Luck!!! -- James Mitchell Software Engineer / Struts Evangelist http://www.struts-atlanta.org 678.910.8017 AIM:jmitchtx -Original

Re: Disallow user to modify URL in browser address bar

2003-08-22 Thread Jiri Chaloupka
Hallo, you can, for example, add to url some hash with parameters and salt ... Jiri James Mitchell wrote: What you are wanting is not possible. It's YOUR job (as a developer) to handle situations where they may have done so. Hint: unknown=true Good Luck!!! -- James Mitchell Software

RE: Disallow user to modify URL in browser address bar

2003-08-22 Thread Andrew Hill
PROTECTED] Sent: Friday, 22 August 2003 19:22 To: 'Struts Users Mailing List' Subject: RE: Disallow user to modify URL in browser address bar What you are wanting is not possible. It's YOUR job (as a developer) to handle situations where they may have done so. Hint: unknown=true Good Luck

Re: Disallow user to modify URL in browser address bar

2003-08-22 Thread rajendra . x . yadav
If the user is allowed to view the page, then no problem. If he is not.. then you should have some sessionid authentication and user role and privilige authentication in every page. I think that's the only way of preventing a user to go to a restricted page. thanks -raj

RE: Disallow user to modify URL in browser address bar

2003-08-22 Thread sriram
how reliable is this! Sriram -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Friday, August 22, 2003 2:09 PM To: Struts Users Mailing List Subject: Re: Disallow user to modify URL in browser address bar If the user is allowed to view the page, then no problem

RE: Disallow user to modify URL in browser address bar

2003-08-22 Thread Syed, Nazeer
If testview_srchpost.do and testtwoview_srchpost.do are valid action then you cannot restrict. This means testview_srchpost.do, esttwoview_srchpost.do are in Struts Config File If that testtwoview_srchpost.do not Valid action then It will go default page or Error Page Thanks Nazeer

RE: Disallow user to modify URL in browser address bar

2003-08-22 Thread rajendra . x . yadav
: Rajendra X. Yadav/EMPL/India/[EMAIL PROTECTED] Subject: RE: Disallow user to modify URL in browser address bar 22/08/2003 06:13

RE: Disallow user to modify URL in browser address bar

2003-08-22 Thread Craig R. McClanahan
On Fri, 22 Aug 2003, Andrew Hill wrote: Date: Fri, 22 Aug 2003 19:31:18 +0800 From: Andrew Hill [EMAIL PROTECTED] Reply-To: Struts Users Mailing List [EMAIL PROTECTED], [EMAIL PROTECTED] To: Struts Users Mailing List [EMAIL PROTECTED] Subject: RE: Disallow user to modify URL in browser